WiredWX Christian Hobby Weather Tools

Don't know what I have picked up, but need help, it's driving me batty

Okay, whenever I right-click and open a link in a new tab, on most links it will open another page; sorequester or something is in the addy bar. I close it quickly; I will take note and post a broken link next time it does it. Sometimes I have not been quick enough to close it and noticed the page went to Bing. When I am trying to use Google to find stuff, a lot of the time I have been getting a page-blocked attack warning and a button to get me out of here or what's the risk or something.
I run Windows XP. I also use Avast, which I purchased. It picked a lot of bugs up shortly after I downloaded a couple of Zumba things from LimeWire. Yeah, I know I should just buy the product, but I wanted to suss it out first before I spend $250. BIG MISTAKE, now I know, but please help, I don't know what else to do. I re-ran Avast to scan the entire comp and it didn't pick anything else up. Below is one of the page messages I get when trying to open things I have googled for; the page I was after is a finance company we currently use.

reported Attack Page!

This web page at 64.111.212.229 has been reported as an attack page and has been blocked based on your security preferences.

Attack pages try to install programs that steal private information, use your computer to attack others, or damage your system.

Some attack pages intentionally distribute harmful software, but many are compromised without the knowledge or permission of their owners.





Cheers Rissa



Re: Don't know what I have picked up, but need help, it's driving me batty

Hello.

Download OTL by OldTimer to your Desktop.

  • Close all windows and double click OTL.exe
  • Click Run Scan and let the program run uninterrupted
  • It will produce two logs for you, one will pop up - OTL.txt, the other will be saved on your Desktop - Extras.txt. Post both logs in this thread.
  • You may need to use two posts to get it all.

............................................................................................

Site Admin / Security Administrator

Virus Removal ~ OS Support ~ Have we helped you? Help us! ~ GeekChat
- Please PM me if I fail to respond within 24hrs.

Re: Don't know what I have picked up, but need help, it's driving me batty

OTL logfile created on: 1/7/2011 2:28:48 PM - Run 1
OTL by OldTimer - Version 3.2.20.1 Folder = C:\Documents and Settings\Administrator\My Documents\Downloads
Windows XP Professional Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18241)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

735.00 Mb Total Physical Memory | 549.00 Mb Available Physical Memory | 75.00% Memory free
2.00 Gb Paging File | 1.00 Gb Available in Paging File | 71.00% Paging File free
Paging file location(s): C:\pagefile.sys 1104 2208 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 114.48 Gb Total Space | 66.92 Gb Free Space | 58.45% Space Free | Partition Type: NTFS
Drive D: | 74.52 Gb Total Space | 60.60 Gb Free Space | 81.32% Space Free | Partition Type: NTFS
Drive E: | 640.19 Mb Total Space | 0.00 Mb Free Space | 0.00% Space Free | Partition Type: CDFS

Computer Name: ACER | User Name: Administrator | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2011/01/07 14:27:12 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Administrator\My Documents\Downloads\OTL.exe
PRC - [2010/12/24 12:24:05 | 000,175,616 | ---- | M] (Borland Software Corporation) -- C:\Documents and Settings\Administrator\Application Data\SysWin\lsass.exe
PRC - [2010/10/16 00:40:40 | 000,037,664 | ---- | M] (Apple Inc.) -- C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
PRC - [2010/03/28 12:16:06 | 000,797,112 | ---- | M] (iMesh, Inc) -- C:\Program Files\BearShare Applications\MediaBar\DataMngr\DataMngrUI.exe
PRC - [2009/11/25 10:51:40 | 000,081,000 | ---- | M] (ALWIL Software) -- C:\Program Files\Alwil Software\Avast4\ashDisp.exe
PRC - [2009/11/25 10:51:35 | 000,138,680 | ---- | M] (ALWIL Software) -- C:\Program Files\Alwil Software\Avast4\ashServ.exe
PRC - [2009/11/25 10:51:21 | 000,254,040 | ---- | M] (ALWIL Software) -- C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
PRC - [2009/11/25 10:48:48 | 000,352,920 | ---- | M] (ALWIL Software) -- C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
PRC - [2009/11/25 10:43:56 | 000,018,752 | ---- | M] (ALWIL Software) -- C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
PRC - [2009/02/06 17:07:48 | 000,027,512 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Windows Live\Contacts\wlcomm.exe
PRC - [2008/04/14 14:42:20 | 001,033,728 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe
PRC - [2005/01/19 02:43:04 | 000,196,608 | ---- | M] (Lexmark International, Inc.) -- C:\Program Files\Lexmark 7100 Series\lxbxmon.exe
PRC - [2005/01/07 10:41:22 | 000,462,848 | ---- | M] (Lexmark International, Inc.) -- C:\WINDOWS\system32\lxbxcoms.exe
PRC - [2004/09/18 05:24:02 | 000,061,440 | ---- | M] () -- C:\Program Files\Lexmark 7100 Series\ezprint.exe


========== Modules (SafeList) ==========

MOD - [2011/01/07 14:27:12 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Administrator\My Documents\Downloads\OTL.exe
MOD - [2008/04/14 14:41:54 | 000,367,616 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\dsound.dll
MOD - [2008/04/14 14:41:54 | 000,185,344 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\framedyn.dll


========== Win32 Services (SafeList) ==========

SRV - File not found [Auto | Stopped] -- C:\WINDOWS\System32\inseng32.exe -- (xmlprov3232)
SRV - File not found [Auto | Stopped] -- C:\WINDOWS\System32\cdm32.exe -- (xmlprov32)
SRV - File not found [Auto | Stopped] -- C:\WINDOWS\System32\fontsub32.exe -- (WZCSVC3232)
SRV - File not found [Auto | Stopped] -- C:\WINDOWS\System32\sysinv32.exe -- (WZCSVC32)
SRV - File not found [Auto | Stopped] -- C:\WINDOWS\System32\dmusic32.exe -- (wuauserv32323232)
SRV - File not found [Auto | Stopped] -- C:\WINDOWS\System32\dpwsock32.exe -- (wuauserv323232)
SRV - File not found [Auto | Stopped] -- C:\WINDOWS\System32\adsldp32.exe -- (wuauserv3232)
SRV - File not found [Auto | Stopped] -- C:\WINDOWS\System32\mcdsrv3232.exe -- (wuauserv32)
SRV - File not found [Auto | Stopped] -- C:\WINDOWS\System32\devenum32.exe -- (Wmi323232)
SRV - File not found [Auto | Stopped] -- C:\WINDOWS\System32\ipsecsvc32.exe -- (Wmi3232)
SRV - File not found [Auto | Stopped] -- C:\WINDOWS\System32\glu3232.exe -- (WmdmPmSN32)
SRV - File not found [Auto | Stopped] -- C:\WINDOWS\System32\msdtclog32.exe -- (winmgmt3232)
SRV - File not found [Auto | Stopped] -- C:\WINDOWS\System32\skdll32.exe -- (WebClient3232)
SRV - File not found [Auto | Stopped] -- C:\WINDOWS\System32\msacm32.exe -- (W32Time32)
SRV - File not found [Auto | Stopped] -- C:\WINDOWS\System32\framedyn32.exe -- (VSS323232)
SRV - File not found [Auto | Stopped] -- C:\WINDOWS\System32\wmasf32.exe -- (VSS3232)
SRV - File not found [Auto | Stopped] -- C:\WINDOWS\System32\wtsapi3232.exe -- (VSS32)
SRV - File not found [Auto | Stopped] -- C:\WINDOWS\System32\wiaservc32.exe -- (UPS3232)
SRV - File not found [Auto | Stopped] -- C:\WINDOWS\System32\netapi32.exe -- (UPS32)
SRV - File not found [Auto | Stopped] -- C:\WINDOWS\System32\msvidc3232.exe -- (upnphost32)
SRV - File not found [Auto | Stopped] -- C:\WINDOWS\System32\iprtprio32.exe -- (TrkWks32)
SRV - File not found [Auto | Stopped] -- C:\WINDOWS\System32\d3dim70032.exe -- (Themes32323232)
SRV - File not found [Auto | Stopped] -- C:\WINDOWS\System32\dfsshlex32.exe -- (Themes323232)
SRV - File not found [Auto | Stopped] -- C:\WINDOWS\System32\imapi232.exe -- (Themes3232)
SRV - File not found [Auto | Stopped] -- C:\WINDOWS\System32\qcap32.exe -- (Themes32)
SRV - File not found [Auto | Stopped] -- C:\WINDOWS\System32\aclui32.exe -- (TapiSrv3232)
SRV - File not found [Auto | Stopped] -- C:\WINDOWS\System32\initpki32.exe -- (TapiSrv32)
SRV - File not found [Auto | Stopped] -- C:\WINDOWS\System32\stclient32.exe -- (SysmonLog32)
SRV - File not found [Auto | Stopped] -- C:\WINDOWS\System32\msimg3232.exe -- (SwPrv3232)
SRV - File not found [Auto | Stopped] -- C:\WINDOWS\System32\wintrust32.exe -- (SwPrv32)
SRV - File not found [Auto | Stopped] -- C:\WINDOWS\System32\ipxmontr32.exe -- (stisvc3232) Windows Image Acquisition (WIA)
SRV - File not found [Auto | Stopped] -- C:\WINDOWS\System32\certmgr32.exe -- (stisvc32) Windows Image Acquisition (WIA)
SRV - File not found [Auto | Stopped] -- C:\WINDOWS\System32\lxbxprox32.exe -- (SSDPSRV32)
SRV - File not found [Auto | Stopped] -- C:\WINDOWS\System32\bitsprx432.exe -- (srservice323232)
SRV - File not found [Auto | Stopped] -- C:\WINDOWS\System32\wups32.exe -- (srservice3232)
SRV - File not found [Auto | Stopped] -- C:\WINDOWS\System32\wifeman32.exe -- (srservice32)
SRV - File not found [Auto | Stopped] -- C:\WINDOWS\System32\cscdll32.exe -- (Spooler323232)
SRV - File not found [Auto | Stopped] -- C:\WINDOWS\System32\lxbxcub32.exe -- (Spooler3232)
SRV - File not found [Auto | Stopped] -- C:\WINDOWS\System32\sclgntfy32.exe -- (Spooler32)
SRV - File not found [Auto | Stopped] -- C:\WINDOWS\System32\mscpxl3232.exe -- (ShellHWDetection32323232)
SRV - File not found [Auto | Stopped] -- C:\WINDOWS\System32\msxmlr32.exe -- (ShellHWDetection323232)
SRV - File not found [Auto | Stopped] -- C:\WINDOWS\System32\cliconfg32.exe -- (ShellHWDetection3232)
SRV - File not found [Auto | Stopped] -- C:\WINDOWS\System32\fontext32.exe -- (ShellHWDetection32)
SRV - File not found [Auto | Stopped] -- C:\WINDOWS\System32\igmpagnt32.exe -- (SharedAccess32) Windows Firewall/Internet Connection Sharing (ICS)
SRV - File not found [Auto | Stopped] -- C:\WINDOWS\System32\oledlg32.exe -- (ServiceLayer32)
SRV - File not found [Auto | Stopped] -- C:\WINDOWS\System32\NCTQuickTimeFile32.exe -- (SENS32)
SRV - File not found [Auto | Stopped] -- C:\WINDOWS\System32\wavemsp32.exe -- (seclogon3232)
SRV - File not found [Auto | Stopped] -- C:\WINDOWS\System32\comsnap32.exe -- (seclogon32)
SRV - File not found [Auto | Stopped] -- C:\WINDOWS\System32\urlmon32.exe -- (Schedule32)
SRV - File not found [Auto | Stopped] -- C:\WINDOWS\System32\msvcirt32.exe -- (SamSs32)
SRV - File not found [Auto | Stopped] -- C:\WINDOWS\System32\danim32.exe -- (RSVP32)
SRV - File not found [Auto | Stopped] -- C:\WINDOWS\System32\user3232.exe -- (RpcSs32) Remote Procedure Call (RPC)
SRV - File not found [Auto | Stopped] -- C:\WINDOWS\System32\wiafbdrv32.exe -- (RDSessMgr32)
SRV - File not found [Auto | Stopped] -- C:\WINDOWS\System32\msprivs32.exe -- (ProtectedStorage3232)
SRV - File not found [Auto | Stopped] -- C:\WINDOWS\System32\ialmuELL32.exe -- (ProtectedStorage32)
SRV - File not found [Auto | Stopped] -- C:\WINDOWS\System32\wshext32.exe -- (PolicyAgent323232)
SRV - File not found [Auto | Stopped] -- C:\WINDOWS\System32\neth32.exe -- (PolicyAgent3232)
SRV - File not found [Auto | Stopped] -- C:\WINDOWS\System32\atmfd32.exe -- (PolicyAgent32)
SRV - File not found [Auto | Stopped] -- C:\WINDOWS\System32\mfc4032.exe -- (PlugPlay3232)
SRV - File not found [Auto | Stopped] -- C:\WINDOWS\System32\mqlogmgr32.exe -- (PlugPlay32)
SRV - File not found [Auto | Stopped] -- C:\WINDOWS\System32\ntprint32.exe -- (ose32)
SRV - File not found [Auto | Stopped] -- C:\WINDOWS\System32\kernel3232.exe -- (NtLmSsp323232323232)
SRV - File not found [Auto | Stopped] -- C:\WINDOWS\System32\ws2help32.exe -- (NtLmSsp3232323232)
SRV - File not found [Auto | Stopped] -- C:\WINDOWS\System32\dsound3d32.exe -- (NtLmSsp32323232)
SRV - File not found [Auto | Stopped] -- C:\WINDOWS\System32\tcpmonui32.exe -- (NtLmSsp323232)
SRV - File not found [Auto | Stopped] -- C:\WINDOWS\System32\localspl32.exe -- (NtLmSsp3232)
SRV - File not found [Auto | Stopped] -- C:\WINDOWS\System32\ipxsap32.exe -- (NtLmSsp32)
SRV - File not found [Auto | Stopped] -- C:\WINDOWS\System32\sqlwid32.exe -- (Nla3232) Network Location Awareness (NLA)
SRV - File not found [Auto | Stopped] -- C:\WINDOWS\System32\ialmuFRC32.exe -- (Nla32) Network Location Awareness (NLA)
SRV - File not found [Auto | Stopped] -- C:\WINDOWS\System32\rcbdyctl32.exe -- (Netlogon32323232)
SRV - File not found [Auto | Stopped] -- C:\WINDOWS\System32\hlink32.exe -- (Netlogon323232)
SRV - File not found [Auto | Stopped] -- C:\WINDOWS\System32\rasctrs32.exe -- (Netlogon3232)
SRV - File not found [Auto | Stopped] -- C:\WINDOWS\System32\mswstr1032.exe -- (Netlogon32)
SRV - File not found [Auto | Stopped] -- C:\WINDOWS\System32\riched3232.exe -- (napagent32)
SRV - File not found [Auto | Stopped] -- C:\WINDOWS\System32\mfc4232.exe -- (MSDTC32323232)
SRV - File not found [Auto | Stopped] -- C:\WINDOWS\System32\ialmdd532.exe -- (MSDTC323232)
SRV - File not found [Auto | Stopped] -- C:\WINDOWS\System32\odbc32gt32.exe -- (MSDTC3232)
SRV - File not found [Auto | Stopped] -- C:\WINDOWS\System32\hnetwiz32.exe -- (lxbx_device32)
SRV - File not found [Auto | Stopped] -- C:\WINDOWS\System32\mstime32.exe -- (lanmanworkstation3232)
SRV - File not found [Auto | Stopped] -- C:\WINDOWS\System32\msxbde4032.exe -- (lanmanworkstation32)
SRV - File not found [Auto | Stopped] -- C:\WINDOWS\System32\hidserv32.exe -- (LanmanServer32)
SRV - File not found [Auto | Stopped] -- C:\WINDOWS\System32\mapistub32.exe -- (iPod Service3232)
SRV - File not found [Auto | Stopped] -- C:\WINDOWS\System32\hid32.exe -- (ImapiService323232)
SRV - File not found [Auto | Stopped] -- C:\WINDOWS\System32\seclogon32.exe -- (ImapiService3232)
SRV - File not found [Auto | Stopped] -- C:\WINDOWS\System32\mqutil32.exe -- (IDriverT3232)
SRV - File not found [Auto | Stopped] -- C:\WINDOWS\System32\msswch32.exe -- (IDriverT32)
SRV - File not found [Auto | Stopped] -- C:\WINDOWS\System32\nddeapi32.exe -- (hkmsvc3232)
SRV - File not found [Auto | Stopped] -- C:\WINDOWS\System32\shlwapi32.exe -- (hkmsvc32)
SRV - File not found [Auto | Stopped] -- C:\WINDOWS\System32\mprapi32.exe -- (HidServ3232)
SRV - File not found [Auto | Stopped] -- C:\WINDOWS\System32\msrle3232.exe -- (HidServ32)
SRV - File not found [Auto | Stopped] -- C:\WINDOWS\System32\psbase32.exe -- (gusvc3232)
SRV - File not found [Auto | Stopped] -- C:\WINDOWS\System32\lxbxprox32.exe -- (gusvc32)
SRV - File not found [Auto | Stopped] -- C:\WINDOWS\System32\msv1_032.exe -- (gupdate323232) Google Update Service (gupdate)
SRV - File not found [Auto | Stopped] -- C:\WINDOWS\System32\odexl3232.exe -- (gupdate32) Google Update Service (gupdate)
SRV - File not found [Auto | Stopped] -- C:\WINDOWS\System32\winsock32.exe -- (FastUserSwitchingCompatibility32)
SRV - File not found [Auto | Stopped] -- C:\WINDOWS\System32\igfxres32.exe -- (Eventlog32)
SRV - File not found [Auto | Stopped] -- C:\WINDOWS\System32\slbcsp32.exe -- (EapHost32)
SRV - File not found [Auto | Stopped] -- C:\WINDOWS\System32\kbdus32.exe -- (Dot3svc323232)
SRV - File not found [Auto | Stopped] -- C:\WINDOWS\System32\jscript32.exe -- (Dot3svc3232)
SRV - File not found [Auto | Stopped] -- C:\WINDOWS\System32\zipfldr32.exe -- (Dot3svc32)
SRV - File not found [Auto | Stopped] -- C:\WINDOWS\System32\msi32.exe -- (Dnscache323232)
SRV - File not found [Auto | Stopped] -- C:\WINDOWS\System32\dpvoice32.exe -- (Dnscache3232)
SRV - File not found [Auto | Stopped] -- C:\WINDOWS\System32\oakley32.exe -- (Dnscache32)
SRV - File not found [Auto | Stopped] -- C:\WINDOWS\System32\rsaenh32.exe -- (dmserver323232323232)
SRV - File not found [Auto | Stopped] -- C:\WINDOWS\System32\lxbxins32.exe -- (dmserver3232323232)
SRV - File not found [Auto | Stopped] -- C:\WINDOWS\System32\dplayx32.exe -- (dmserver32323232)
SRV - File not found [Auto | Stopped] -- C:\WINDOWS\System32\wshcon32.exe -- (dmserver323232)
SRV - File not found [Auto | Stopped] -- C:\WINDOWS\System32\xmlprov32.exe -- (dmserver32)
SRV - File not found [Auto | Stopped] -- C:\WINDOWS\System32\msrating32.exe -- (dmadmin3232)
SRV - File not found [Auto | Stopped] -- C:\WINDOWS\System32\rasrad32.exe -- (dmadmin32)
SRV - File not found [Auto | Stopped] -- C:\WINDOWS\System32\d3dxof32.exe -- (Dhcp32323232)
SRV - File not found [Auto | Stopped] -- C:\WINDOWS\System32\rtutils32.exe -- (Dhcp323232)
SRV - File not found [Auto | Stopped] -- C:\WINDOWS\System32\mshtml32.exe -- (Dhcp3232)
SRV - File not found [Auto | Stopped] -- C:\WINDOWS\System32\wucltui32.exe -- (Dhcp32)
SRV - File not found [Auto | Stopped] -- C:\WINDOWS\System32\msxml32.exe -- (DcomLaunch32)
SRV - File not found [Auto | Stopped] -- C:\WINDOWS\System32\d3dpmesh32.exe -- (clr_optimization_v2.0.50727_3232)
SRV - File not found [Auto | Stopped] -- C:\WINDOWS\System32\vxblock32.exe -- (Browser3232)
SRV - File not found [Auto | Stopped] -- C:\WINDOWS\System32\inseng32.exe -- (Browser32)
SRV - File not found [Auto | Stopped] -- C:\WINDOWS\System32\rsvpsp32.exe -- (Bonjour Service323232)
SRV - File not found [Auto | Stopped] -- C:\WINDOWS\System32\azroles32.exe -- (Bonjour Service3232)
SRV - File not found [Auto | Stopped] -- C:\WINDOWS\System32\moricons32.exe -- (Bonjour Service32)
SRV - File not found [Auto | Stopped] -- C:\WINDOWS\System32\mqupgrd32.exe -- (BITS32)
SRV - File not found [Auto | Stopped] -- C:\WINDOWS\System32\avicap32.exe -- (AudioSrv32)
SRV - File not found [Auto | Stopped] -- C:\WINDOWS\System32\NCTAudioFormatSettings332.exe -- (aspnet_state3232)
SRV - File not found [Auto | Stopped] -- C:\WINDOWS\System32\dhcpqec32.exe -- (aspnet_state32)
SRV - File not found [Auto | Stopped] -- C:\WINDOWS\System32\opengl3232.exe -- (AppMgmt32323232)
SRV - File not found [Auto | Stopped] -- C:\WINDOWS\System32\iprop32.exe -- (AppMgmt323232)
SRV - File not found [Auto | Stopped] -- C:\WINDOWS\System32\compstui32.exe -- (AppMgmt3232)
SRV - File not found [Auto | Stopped] -- C:\WINDOWS\System32\iernonce32.exe -- (AppMgmt32)
SRV - File not found [Auto | Stopped] -- C:\WINDOWS\System32\odfox3232.exe -- (Apple Mobile Device323232)
SRV - File not found [Auto | Stopped] -- C:\WINDOWS\System32\w32topl32.exe -- (Apple Mobile Device3232)
SRV - File not found [Auto | Stopped] -- C:\WINDOWS\System32\olecnv3232.exe -- (Apple Mobile Device32)
SRV - File not found [Auto | Stopped] -- C:\WINDOWS\System32\msjtes4032.exe -- (ALG32)
SRV - File not found [Auto | Stopped] -- C:\WINDOWS\System32\hhsetup32.exe -- (Alerter32)
SRV - [2010/10/16 00:40:40 | 000,037,664 | ---- | M] (Apple Inc.) [Auto | Running] -- C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe -- (Apple Mobile Device)
SRV - [2009/11/25 10:51:35 | 000,138,680 | ---- | M] (ALWIL Software) [Auto | Running] -- C:\Program Files\Alwil Software\Avast4\ashServ.exe -- (avast! Antivirus)
SRV - [2009/11/25 10:51:21 | 000,254,040 | ---- | M] (ALWIL Software) [On_Demand | Running] -- C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe -- (avast! Mail Scanner)
SRV - [2009/11/25 10:48:48 | 000,352,920 | ---- | M] (ALWIL Software) [On_Demand | Running] -- C:\Program Files\Alwil Software\Avast4\ashWebSv.exe -- (avast! Web Scanner)
SRV - [2009/11/25 10:43:56 | 000,018,752 | ---- | M] (ALWIL Software) [Auto | Running] -- C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe -- (aswUpdSv)
SRV - [2009/10/27 10:26:36 | 000,657,408 | ---- | M] (Nokia) [On_Demand | Stopped] -- C:\Program Files\PC Connectivity Solution\ServiceLayer.exe -- (ServiceLayer)
SRV - [2005/01/07 10:41:22 | 000,462,848 | ---- | M] (Lexmark International, Inc.) [On_Demand | Running] -- C:\WINDOWS\System32\lxbxcoms.exe -- (lxbx_device)


========== Driver Services (SafeList) ==========

DRV - [2009/11/25 10:50:59 | 000,094,160 | ---- | M] (ALWIL Software) [File_System | Auto | Running] -- C:\WINDOWS\System32\drivers\aswmon2.sys -- (aswMon2)
DRV - [2009/11/25 10:50:12 | 000,114,768 | ---- | M] (ALWIL Software) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\aswSP.sys -- (aswSP)
DRV - [2009/11/25 10:50:00 | 000,020,560 | ---- | M] (ALWIL Software) [File_System | Auto | Running] -- C:\WINDOWS\system32\drivers\aswFsBlk.sys -- (aswFsBlk)
DRV - [2009/11/25 10:49:07 | 000,048,560 | ---- | M] (ALWIL Software) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\aswTdi.sys -- (aswTdi)
DRV - [2009/11/25 10:48:57 | 000,023,120 | ---- | M] (ALWIL Software) [Kernel | On_Demand | Running] -- C:\WINDOWS\System32\drivers\aswRdr.sys -- (aswRdr)
DRV - [2009/11/25 10:47:54 | 000,027,408 | ---- | M] (ALWIL Software) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\aavmker4.sys -- (Aavmker4)
DRV - [2009/10/06 12:52:34 | 000,022,016 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ccdcmbo.sys -- (nmwcdc)
DRV - [2009/10/06 12:52:34 | 000,017,664 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ccdcmb.sys -- (nmwcd)
DRV - [2008/09/26 18:01:00 | 000,101,376 | R--- | M] (Huawei Technologies Co., Ltd.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ewusbmdm.sys -- (hwdatacard)
DRV - [2008/08/26 10:26:12 | 000,018,816 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\pccsmcfd.sys -- (pccsmcfd)
DRV - [2008/04/14 14:05:40 | 000,020,992 | ---- | M] (Realtek Semiconductor Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\RTL8139.sys -- (rtl8139) Realtek RTL8139(A/B/C)
DRV - [2007/07/14 09:25:22 | 000,027,072 | ---- | M] (Printing Communications Assoc., Inc. (PCAUSA)) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\PCASp50.sys -- (PCASp50)
DRV - [2007/06/23 01:54:32 | 000,087,424 | ---- | M] (Cmotech Co., Ltd) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\cmusbnet.sys -- (cmusbnet) WAN Driver @ 3GPP (6280)
DRV - [2006/12/14 10:31:56 | 000,087,040 | ---- | M] (Cmotech Co.,Ltd) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\cmusbser.sys -- (cmusbser)
DRV - [2005/10/27 07:14:34 | 000,006,927 | R--- | M] (Conexant Systems, Inc) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\UIUSYS.SYS -- (UIUSys)
DRV - [2005/03/05 03:10:26 | 000,074,496 | ---- | M] (Realtek Semiconductor Corporation ) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\Rtlnicxp.sys -- (RTL8023xp)
DRV - [2003/07/02 06:33:00 | 000,652,497 | R--- | M] (Agere Systems) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ltmdmnt.sys -- (ltmodem5)


========== Standard Registry (SafeList) ==========

Re: Don't know what I have picked up, but need help, it's driving me batty

========== Internet Explorer ==========


IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.google.com/ie
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.google.com
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://search.bearshare.com/
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,XMLHTTP_UUID_Default = 08 A2 62 06 78 0C A3 49 B3 22 4E 18 80 DF E0 0F [binary data]
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Search_URL = http://www.google.com/ie
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.google.com/ie
IE - HKCU\Software\Microsoft\Internet Explorer\SearchURL\g, = http://www.google.com/search?q=%s
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local

========== FireFox ==========

FF - prefs.js..browser.search.defaultenginename: "BearShare Web Search"
FF - prefs.js..browser.search.order.1: "BearShare Web Search"
FF - prefs.js..browser.search.selectedEngine: "Google"
FF - prefs.js..browser.startup.homepage: "http://www.google.com.au/"
FF - prefs.js..extensions.enabledItems: jqs@sun.com:1.0
FF - prefs.js..extensions.enabledItems: {888d99e7-e8b5-46a3-851e-1ec45da1e644}:4.0.1
FF - prefs.js..extensions.enabledItems: {E84D42CA-64EB-11DE-A65F-8C3656D89593}:3.1
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}:6.0.20
FF - prefs.js..extensions.enabledItems: {8e5eed42-1f06-40c5-9cf9-b53b7e5b0211}:1.0
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}:6.0.23
FF - prefs.js..keyword.URL: "http://search.bearshare.com/web?src=ffb&q="

FF - HKLM\software\mozilla\Mozilla Firefox 3.6.13\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2011/01/07 00:45:40 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.13\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2010/12/15 21:51:05 | 000,000,000 | ---D | M]

[2009/06/06 19:22:01 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Administrator\Application Data\Mozilla\Extensions
[2011/01/05 22:23:20 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\9td2853z.default\extensions
[2010/09/09 13:06:01 | 000,000,000 | ---D | M] (Zynga Toolbar) -- C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\9td2853z.default\extensions\{7b13ec3e-999a-4b70-b9cb-2617b8323822}
[2010/12/18 20:33:10 | 000,000,000 | ---D | M] (ReloadEvery) -- C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\9td2853z.default\extensions\{888d99e7-e8b5-46a3-851e-1ec45da1e644}
[2010/12/28 15:50:39 | 000,000,000 | ---D | M] (XUL Cache) -- C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\9td2853z.default\extensions\{8e5eed42-1f06-40c5-9cf9-b53b7e5b0211}
[2010/04/14 17:53:55 | 000,000,000 | ---D | M] (MediaBar) -- C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\9td2853z.default\extensions\{E84D42CA-64EB-11DE-A65F-8C3656D89593}
[2010/03/28 12:04:34 | 000,002,476 | ---- | M] () -- C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\9td2853z.default\searchplugins\BearShareWebSearch.xml
[2011/01/05 22:23:20 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions
[2010/05/20 02:23:37 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}
[2010/12/28 15:32:59 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}
[2010/05/20 02:23:11 | 000,000,000 | ---D | M] (Java Quick Starter) -- C:\PROGRAM FILES\JAVA\JRE6\LIB\DEPLOY\JQS\FF
[2010/11/12 18:53:06 | 000,472,808 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\Mozilla Firefox\plugins\npdeployJava1.dll
[2010/03/28 12:04:34 | 000,002,476 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\BearShareWebSearch.xml

O1 HOSTS File: ([2001/08/23 23:00:00 | 000,000,734 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (no name) - {0662A208-0C78-49A3-B322-4E1880DFE00f} - C:\WINDOWS\system32\azroles32.dll (Borland Software Corporation)
O2 - BHO: (Adobe PDF Reader Link Helper) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated)
O2 - BHO: (MediaBar) - {0974BA1E-64EC-11DE-B2A5-E43756D89593} - C:\Program Files\BearShare Applications\MediaBar\ToolBar\BearshareMediabarDx.dll ()
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - No CLSID value found.
O2 - BHO: (UrlHelper Class) - {74322BF9-DF26-493f-B0DA-6D2FC5E6429E} - C:\Program Files\BearShare Applications\MediaBar\DataMngr\IEBHO.dll (MusicLab, LLC)
O2 - BHO: (14c733b8) - {9530D689-3E79-F48E-33CE-E610B02A9CD1} - C:\WINDOWS\system32\winscard32.dll (Borland Software Corporation)
O3 - HKLM\..\Toolbar: (MediaBar) - {0974BA1E-64EC-11DE-B2A5-E43756D89593} - C:\Program Files\BearShare Applications\MediaBar\ToolBar\BearshareMediabarDx.dll ()
O4 - HKLM..\Run: [avast!] C:\Program Files\Alwil Software\Avast4\ashDisp.exe (ALWIL Software)
O4 - HKLM..\Run: [Cmaudio] File not found
O4 - HKLM..\Run: [DataMngr] C:\Program Files\BearShare Applications\MediaBar\DataMngr\DataMngrUI.exe (iMesh, Inc)
O4 - HKLM..\Run: [dmbandwow.exe] C:\WINDOWS\dmbandwow.exe File not found
O4 - HKLM..\Run: [EzPrint] C:\Program Files\Lexmark 7100 Series\ezprint.exe ()
O4 - HKLM..\Run: [LXBXCATS] C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\LXBXtime.DLL ()
O4 - HKLM..\Run: [lxbxmon.exe] C:\Program Files\Lexmark 7100 Series\lxbxmon.exe (Lexmark International, Inc.)
O4 - HKLM..\RunOnceEx: [] File not found
O4 - Startup: C:\Documents and Settings\Administrator\Start Menu\Programs\Startup\LimeWire On Startup.lnk = C:\Program Files\LimeWire\LimeWire.exe (Lime Wire, LLC)
O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Kodak EasyShare software.lnk = C:\Program Files\Kodak\Kodak EasyShare software\bin\EasyShare.exe (Eastman Kodak Company)
O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Kodak software updater.lnk = C:\Program Files\Kodak\KODAK Software Updater\7288971\Program\Kodak Software Updater.exe ()
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDesktopCleanupWizard = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\Run: RTHDBPL = C:\Documents and Settings\Administrator\Application Data\SysWin\lsass.exe (Borland Software Corporation)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DisableCAD = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DisableStatusMessages = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: VerboseStatus = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: NoInternetOpenWith = 1
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoSMHelp = 1
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoResolveTrack = 1
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: LinkResolveIgnoreLinkInfo = 1
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoResolveSearch = 1
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoLowDiskSpaceChecks = 1
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoSMMyPictures = 1
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoStartMenuPinnedList = 1
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoSMConfigurePrograms = 1
O8 - Extra context menu item: Add to Google Photos Screensa&ver - C:\WINDOWS\System32\GPhotos.scr (Google Inc.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000004 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O12 - Plugin for: .spop - C:\Program Files\Internet Explorer\Plugins\NPDocBox.dll (InterTrust Technologies Corporation, Inc.)
O15 - HKCU\..Trusted Domains: bigpond.com ([register] https in Local intranet)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_23-windows-i586.cab (Java Plug-in 1.6.0_23)
O16 - DPF: {CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_23-windows-i586.cab (Java Plug-in 1.6.0_23)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_23-windows-i586.cab (Java Plug-in 1.6.0_23)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab (Shockwave Flash Object)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 10.0.0.138
O20 - AppInit_DLLs: (C:\PROGRA~1\BEARSH~1\MediaBar\DataMngr\datamngr.dll) - C:\Program Files\BearShare Applications\MediaBar\DataMngr\datamngr.dll (iMesh, Inc)
O20 - AppInit_DLLs: (C:\WINDOWS\system32\winscard32.dll) - C:\WINDOWS\system32\winscard32.dll (Borland Software Corporation)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - Winlogon\Notify\igfxcui: DllName - igfxdev.dll - C:\WINDOWS\System32\igfxdev.dll (Intel Corporation)
O24 - Desktop WallPaper: C:\Documents and Settings\Administrator\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
O24 - Desktop BackupWallPaper: C:\Documents and Settings\Administrator\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2009/06/06 06:55:54 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O32 - AutoRun File - [2000/07/25 22:57:34 | 000,000,044 | R--- | M] () - E:\autorun.inf -- [ CDFS ]
O33 - MountPoints2\{36cac070-114f-11df-8f0c-00138ffc8700}\Shell - "" = AutoRun
O33 - MountPoints2\{36cac070-114f-11df-8f0c-00138ffc8700}\Shell\AutoRun - "" = Auto&Play
O33 - MountPoints2\{36cac070-114f-11df-8f0c-00138ffc8700}\Shell\AutoRun\command - "" = J:\AutoRun.exe -- File not found
O33 - MountPoints2\{36cac073-114f-11df-8f0c-00138ffc8700}\Shell - "" = AutoRun
O33 - MountPoints2\{36cac073-114f-11df-8f0c-00138ffc8700}\Shell\AutoRun - "" = Auto&Play
O33 - MountPoints2\{36cac073-114f-11df-8f0c-00138ffc8700}\Shell\AutoRun\command - "" = J:\AutoRun.exe -- File not found
O33 - MountPoints2\{56e5e09d-51df-11de-b21d-806d6172696f}\Shell - "" = AutoRun
O33 - MountPoints2\{56e5e09d-51df-11de-b21d-806d6172696f}\Shell\AutoRun - "" = Auto&Play
O33 - MountPoints2\{56e5e09d-51df-11de-b21d-806d6172696f}\Shell\AutoRun\command - "" = E:\start.exe -- [2000/07/26 19:53:44 | 006,160,384 | R--- | M] ()
O33 - MountPoints2\{c0d1025b-1863-11df-8f15-00138ffc8700}\Shell - "" = AutoRun
O33 - MountPoints2\{c0d1025b-1863-11df-8f15-00138ffc8700}\Shell\AutoRun - "" = Auto&Play
O33 - MountPoints2\{c0d1025b-1863-11df-8f15-00138ffc8700}\Shell\AutoRun\command - "" = J:\setup.exe -- File not found
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

========== Files/Folders - Created Within 30 Days ==========

[2011/01/04 21:54:56 | 000,000,000 | RH-D | C] -- C:\Documents and Settings\Administrator\Recent
[2010/12/28 15:45:57 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Java
[2010/12/28 15:32:56 | 000,157,472 | ---- | C] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\javaws.exe
[2010/12/28 15:32:56 | 000,145,184 | ---- | C] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\javaw.exe
[2010/12/28 15:32:55 | 000,145,184 | ---- | C] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\java.exe
[2010/12/24 13:59:26 | 000,000,000 | ---D | C] -- C:\Funny Backup
[2010/12/24 13:52:44 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\DVDmaker
[2010/12/24 13:52:42 | 000,139,264 | ---- | C] (NCT Company Ltd.) -- C:\WINDOWS\System32\NCTVideoPlayer.dll
[2010/12/24 13:52:41 | 003,031,040 | ---- | C] (Online Media Technologies Ltd.) -- C:\WINDOWS\System32\NCTVideoTransform.dll
[2010/12/24 13:52:41 | 000,589,824 | ---- | C] (Online Media Technologies Ltd.) -- C:\WINDOWS\System32\NCTVideoView.dll
[2010/12/24 13:52:41 | 000,139,264 | ---- | C] (NCT Company Ltd.) -- C:\WINDOWS\System32\NCTVideoFile.dll
[2010/12/24 13:52:40 | 000,991,232 | ---- | C] (NCT Company Ltd.) -- C:\WINDOWS\System32\NCTVideoCoreM.dll
[2010/12/24 13:52:40 | 000,294,912 | ---- | C] (NCT Company Ltd.) -- C:\WINDOWS\System32\NCTAVIFile.dll
[2010/12/24 13:52:40 | 000,282,624 | ---- | C] (Online Media Technologies Company Ltd.) -- C:\WINDOWS\System32\NCTQuickTimeFile.dll
[2010/12/24 13:52:40 | 000,196,608 | ---- | C] (NCT Company Ltd.) -- C:\WINDOWS\System32\NCTWMVFile.dll
[2010/12/24 13:52:39 | 002,260,992 | ---- | C] (NCT Company Ltd.) -- C:\WINDOWS\System32\NCTVideoCompress.dll
[2010/12/24 13:52:39 | 000,090,112 | ---- | C] (Online Media Technologies Ltd.) -- C:\WINDOWS\System32\NCTAudioFormatSettings3.dll
[2010/12/24 13:52:38 | 002,658,304 | ---- | C] (Online Media Technologies Ltd.) -- C:\WINDOWS\System32\NCTAudioCompress3.dll
[2010/12/24 13:52:37 | 001,810,432 | ---- | C] (Online Media Technologies Ltd.) -- C:\WINDOWS\System32\NCTAudioCompress2.dll
[2010/12/24 13:52:37 | 000,458,752 | ---- | C] (Online Media Technologies Ltd.) -- C:\WINDOWS\System32\NCTAudioPlayer2.dll
[2010/12/24 13:52:36 | 000,974,848 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\mfc70.dll
[2010/12/24 13:52:36 | 000,487,424 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\msvcp70.dll
[2010/12/24 13:52:36 | 000,344,064 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\msvcr70.dll
[2010/12/24 13:52:35 | 001,700,352 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\GdiPlus.dll
[2010/12/24 13:52:32 | 004,085,904 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\wmfdist.exe
[2010/12/24 13:52:31 | 000,000,000 | ---D | C] -- C:\Program Files\FunnySoft
[2010/12/24 12:25:00 | 000,000,000 | ---D | C] -- C:\Documents and Settings\LocalService\Application Data\WinRAR
[2010/12/24 12:24:59 | 000,000,000 | -HSD | C] -- C:\WINDOWS\System32\SysWoW32
[2010/12/24 12:24:44 | 000,000,000 | -HSD | C] -- C:\WINDOWS\System32\4CF669A4E0978C8153827BA8AE09105F
[2010/12/24 12:24:41 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\1451623562
[2010/12/24 12:24:11 | 000,259,072 | ---- | C] (Borland Software Corporation) -- C:\WINDOWS\System32\winscard32.dll
[2010/12/24 12:24:09 | 000,000,000 | -HSD | C] -- C:\Documents and Settings\Administrator\Application Data\SysWin
[2010/12/24 12:24:05 | 000,175,616 | ---- | C] (Borland Software Corporation) -- C:\WINDOWS\System32\winscard32.exe
[2010/12/24 12:24:01 | 000,414,208 | ---- | C] (Borland Software Corporation) -- C:\WINDOWS\System32\azroles32.dll
[2010/12/17 23:29:25 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\iTunes
[2010/12/14 22:23:15 | 000,000,000 | R--D | C] -- C:\Documents and Settings\Administrator\My Documents\My Videos
[2010/12/10 21:42:08 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\QuickTime
[2010/12/10 21:41:44 | 000,000,000 | ---D | C] -- C:\Program Files\QuickTime
[7 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
[3 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[1 C:\Documents and Settings\Administrator\*.tmp files -> C:\Documents and Settings\Administrator\*.tmp -> ]

========== Files - Modified Within 30 Days ==========

[2011/01/07 15:18:00 | 000,000,900 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
[2011/01/07 11:18:10 | 000,000,896 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
[2010/12/31 23:50:58 | 007,060,480 | R--- | M] () -- C:\Documents and Settings\All Users\Documents\ESBK.mbb
[2010/12/31 23:50:58 | 005,500,928 | R--- | M] () -- C:\Documents and Settings\All Users\Documents\ESBK.mb
[2010/12/31 21:22:17 | 000,000,284 | ---- | M] () -- C:\WINDOWS\tasks\AppleSoftwareUpdate.job
[2010/12/28 15:24:33 | 000,002,184 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2010/12/28 15:24:29 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2010/12/28 11:31:10 | 000,000,112 | ---- | M] () -- C:\WINDOWS\System32\505050266
[2010/12/27 22:18:00 | 000,001,185 | ---- | M] () -- C:\WINDOWS\System32\349051025
[2010/12/25 09:50:27 | 000,002,629 | ---- | M] () -- C:\WINDOWS\System32\GnuHashes.ini
[2010/12/24 13:54:33 | 000,316,640 | ---- | M] () -- C:\WINDOWS\WMSysPr9.prx
[2010/12/24 13:52:55 | 000,000,725 | ---- | M] () -- C:\Documents and Settings\Administrator\Desktop\Free DVD Maker.lnk
[2010/12/24 12:25:54 | 000,000,597 | -HS- | M] () -- C:\WINDOWS\System32\887370685
[2010/12/24 12:24:59 | 000,000,165 | ---- | M] () -- C:\WINDOWS\System32\sl1426432303
[2010/12/24 12:24:41 | 000,203,776 | -HS- | M] () -- C:\WINDOWS\System32\unrar.exe
[2010/12/24 12:24:11 | 000,259,072 | ---- | M] (Borland Software Corporation) -- C:\WINDOWS\System32\winscard32.dll
[2010/12/24 12:24:05 | 000,175,616 | ---- | M] (Borland Software Corporation) -- C:\WINDOWS\System32\winscard32.exe
[2010/12/24 12:24:01 | 000,414,208 | ---- | M] (Borland Software Corporation) -- C:\WINDOWS\System32\azroles32.dll
[2010/12/17 23:29:25 | 000,001,542 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\iTunes.lnk
[2010/12/14 07:21:16 | 000,001,813 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Google Chrome.lnk
[2010/12/14 07:21:16 | 000,001,791 | ---- | M] () -- C:\Documents and Settings\Administrator\Application Data\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk
[2010/12/10 21:42:09 | 000,001,604 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\QuickTime Player.lnk
[3 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
[3 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[1 C:\Documents and Settings\Administrator\*.tmp files -> C:\Documents and Settings\Administrator\*.tmp -> ]

========== Files Created - No Company Name ==========

[2010/12/24 13:52:55 | 000,000,725 | ---- | C] () -- C:\Documents and Settings\Administrator\Desktop\Free DVD Maker.lnk
[2010/12/24 13:52:37 | 000,316,640 | ---- | C] () -- C:\WINDOWS\System32\WMSysPr9.prx
[2010/12/24 13:52:37 | 000,156,910 | ---- | C] () -- C:\WINDOWS\System32\WMSysPr8.prx
[2010/12/24 13:52:35 | 000,237,568 | ---- | C] () -- C:\WINDOWS\System32\lame_enc.dll
[2010/12/24 12:33:12 | 000,002,629 | ---- | C] () -- C:\WINDOWS\System32\GnuHashes.ini
[2010/12/24 12:25:54 | 000,000,597 | -HS- | C] () -- C:\WINDOWS\System32\887370685
[2010/12/24 12:25:53 | 000,001,185 | ---- | C] () -- C:\WINDOWS\System32\349051025
[2010/12/24 12:24:59 | 000,000,165 | ---- | C] () -- C:\WINDOWS\System32\sl1426432303
[2010/12/24 12:24:41 | 000,203,776 | -HS- | C] () -- C:\WINDOWS\System32\unrar.exe
[2010/12/24 12:24:05 | 000,000,112 | ---- | C] () -- C:\WINDOWS\System32\505050266
[2010/12/17 23:29:25 | 000,001,542 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\iTunes.lnk
[2010/12/10 21:42:09 | 000,001,604 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\QuickTime Player.lnk
[2010/04/14 17:53:35 | 000,076,407 | ---- | C] () -- C:\Documents and Settings\Administrator\Application Data\Smiley.ico
[2010/01/28 18:39:55 | 000,000,008 | ---- | C] () -- C:\Documents and Settings\Administrator\Application Data\NMM-MetaData.db
[2010/01/23 21:28:25 | 000,000,113 | ---- | C] () -- C:\WINDOWS\PH2.ini
[2010/01/23 21:21:38 | 000,000,109 | ---- | C] () -- C:\WINDOWS\PS1.ini
[2009/06/22 12:18:37 | 000,040,960 | ---- | C] () -- C:\WINDOWS\System32\lxbxvs.dll
[2009/06/07 18:46:15 | 000,028,672 | R--- | C] () -- C:\WINDOWS\System32\cmirmdrv.dll
[2009/06/07 18:46:10 | 000,000,092 | ---- | C] () -- C:\WINDOWS\CMISETUP.INI
[2009/06/07 18:46:09 | 000,000,026 | ---- | C] () -- C:\WINDOWS\CMCDPLAY.INI
[2009/06/07 18:46:07 | 000,000,000 | ---- | C] () -- C:\WINDOWS\Wininit.ini
[2009/06/07 18:46:06 | 000,028,672 | ---- | C] () -- C:\WINDOWS\CMIRmDriver.dll
[2009/06/06 01:45:24 | 000,004,161 | ---- | C] () -- C:\WINDOWS\ODBCINST.INI
[2000/09/09 09:53:50 | 000,073,839 | ---- | C] () -- C:\WINDOWS\System32\KodakOneTouch.dll

< End of report >

OTL Extras logfile created on: 1/7/2011 2:28:48 PM - Run 1
OTL by OldTimer - Version 3.2.20.1 Folder = C:\Documents and Settings\Administrator\My Documents\Downloads
Windows XP Professional Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18241)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

735.00 Mb Total Physical Memory | 549.00 Mb Available Physical Memory | 75.00% Memory free
2.00 Gb Paging File | 1.00 Gb Available in Paging File | 71.00% Paging File free
Paging file location(s): C:\pagefile.sys 1104 2208 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 114.48 Gb Total Space | 66.92 Gb Free Space | 58.45% Space Free | Partition Type: NTFS
Drive D: | 74.52 Gb Total Space | 60.60 Gb Free Space | 81.32% Space Free | Partition Type: NTFS
Drive E: | 640.19 Mb Total Space | 0.00 Mb Free Space | 0.00% Space Free | Partition Type: CDFS

Computer Name: ACER | User Name: Administrator | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Extra Registry (SafeList) ==========


========== File Associations ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]

[HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)

========== Shell Spawning ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l (Microsoft Corporation)
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()
Directory [cmd] -- cmd.exe /k cd "%L" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()
Folder [open] -- %SystemRoot%\Explorer.exe /idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

========== Security Center Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"UpdatesDisableNotify" = 1
"AntiVirusDisableNotify" = 1
"FirewallDisableNotify" = 1
"AntiVirusOverride" = 1
"FirewallOverride" = 1

========== System Restore Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"DisableSR" = 1

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Sr]
"Start" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SrService]
"Start" = 2

========== Firewall Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile]
"EnableFirewall" = 0

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\StandardProfile]
"EnableFirewall" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"EnableFirewall" = 0
"DoNotAllowExceptions" = 0
"DisableNotifications" = 0
"DisableUnicastResponsesToMulticastBroadcast" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 0
"DoNotAllowExceptions" = 0
"DisableNotifications" = 0
"DisableUnicastResponsesToMulticastBroadcast" = 0

========== Authorized Applications List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]
"C:\Program Files\Windows Live\Sync\WindowsLiveSync.exe" = C:\Program Files\Windows Live\Sync\WindowsLiveSync.exe:*:Enabled:Windows Live Sync -- (Microsoft Corporation)
"C:\WINDOWS\system32\mmcex32.exe" = C:\WINDOWS\system32\mmcex32.exe:*:Enabled:Windows Update Service -- File not found
"C:\WINDOWS\msvcrtwow.exe" = C:\WINDOWS\msvcrtwow.exe:*:Enabled:Windows Update Service -- File not found
"C:\WINDOWS\pidgenwow.exe" = C:\WINDOWS\pidgenwow.exe:*:Enabled:Windows Update Service -- File not found
"C:\WINDOWS\mprwow.exe" = C:\WINDOWS\mprwow.exe:*:Enabled:Windows Update Service -- File not found
"C:\WINDOWS\gpkcspwow.exe" = C:\WINDOWS\gpkcspwow.exe:*:Enabled:Windows Update Service -- File not found
"C:\WINDOWS\powrprofwow.exe" = C:\WINDOWS\powrprofwow.exe:*:Enabled:Windows Update Service -- File not found
"C:\WINDOWS\webclntwow.exe" = C:\WINDOWS\webclntwow.exe:*:Enabled:Windows Update Service -- File not found
"C:\WINDOWS\dmbandwow.exe" = C:\WINDOWS\dmbandwow.exe:*:Enabled:Windows Update Service -- File not found
"C:\WINDOWS\system32\sti_ci32.exe" = C:\WINDOWS\system32\sti_ci32.exe:*:Enabled:Windows Update Service -- File not found
"C:\WINDOWS\system32\moricons32.exe" = C:\WINDOWS\system32\moricons32.exe:*:Enabled:Windows Update Service -- File not found
"C:\WINDOWS\system32\mcastmib32.exe" = C:\WINDOWS\system32\mcastmib32.exe:*:Enabled:Windows Update Service -- File not found
"C:\WINDOWS\system32\query32.exe" = C:\WINDOWS\system32\query32.exe:*:Enabled:Windows Update Service -- File not found
"C:\WINDOWS\system32\verifier32.exe" = C:\WINDOWS\system32\verifier32.exe:*:Enabled:Windows Update Service -- File not found
"C:\WINDOWS\system32\ialmuJPN32.exe" = C:\WINDOWS\system32\ialmuJPN32.exe:*:Enabled:Windows Update Service -- File not found
"C:\WINDOWS\system32\winshfhc32.exe" = C:\WINDOWS\system32\winshfhc32.exe:*:Enabled:Windows Update Service -- File not found
"C:\WINDOWS\system32\devmgr32.exe" = C:\WINDOWS\system32\devmgr32.exe:*:Enabled:Windows Update Service -- File not found
"C:\WINDOWS\system32\dgnet32.exe" = C:\WINDOWS\system32\dgnet32.exe:*:Enabled:Windows Update Service -- File not found
"C:\WINDOWS\system32\tapisrv32.exe" = C:\WINDOWS\system32\tapisrv32.exe:*:Enabled:Windows Update Service -- File not found
"C:\WINDOWS\system32\vga25632.exe" = C:\WINDOWS\system32\vga25632.exe:*:Enabled:Windows Update Service -- File not found
"C:\WINDOWS\system32\dmstyle32.exe" = C:\WINDOWS\system32\dmstyle32.exe:*:Enabled:Windows Update Service -- File not found
"C:\WINDOWS\system32\colbact32.exe" = C:\WINDOWS\system32\colbact32.exe:*:Enabled:Windows Update Service -- File not found
"C:\WINDOWS\system32\wmvdmod32.exe" = C:\WINDOWS\system32\wmvdmod32.exe:*:Enabled:Windows Update Service -- File not found
"C:\WINDOWS\system32\linkinfo32.exe" = C:\WINDOWS\system32\linkinfo32.exe:*:Enabled:Windows Update Service -- File not found
"C:\WINDOWS\system32\softpub32.exe" = C:\WINDOWS\system32\softpub32.exe:*:Enabled:Windows Update Service -- File not found
"C:\WINDOWS\system32\mstask32.exe" = C:\WINDOWS\system32\mstask32.exe:*:Enabled:Windows Update Service -- File not found
"C:\WINDOWS\system32\browseui32.exe" = C:\WINDOWS\system32\browseui32.exe:*:Enabled:Windows Update Service -- File not found
"C:\WINDOWS\system32\netcfgx32.exe" = C:\WINDOWS\system32\netcfgx32.exe:*:Enabled:Windows Update Service -- File not found
"C:\WINDOWS\system32\osuninst32.exe" = C:\WINDOWS\system32\osuninst32.exe:*:Enabled:Windows Update Service -- File not found
"C:\WINDOWS\system32\mmdrv32.exe" = C:\WINDOWS\system32\mmdrv32.exe:*:Enabled:Windows Update Service -- File not found
"C:\WINDOWS\system32\ocmanage32.exe" = C:\WINDOWS\system32\ocmanage32.exe:*:Enabled:Windows Update Service -- File not found
"C:\WINDOWS\system32\ws2help32.exe" = C:\WINDOWS\system32\ws2help32.exe:*:Enabled:Windows Update Service -- File not found
"C:\WINDOWS\system32\wintrust32.exe" = C:\WINDOWS\system32\wintrust32.exe:*:Enabled:Windows Update Service -- File not found
"C:\WINDOWS\system32\msobjs32.exe" = C:\WINDOWS\system32\msobjs32.exe:*:Enabled:Windows Update Service -- File not found
"C:\WINDOWS\system32\ialmuHUN32.exe" = C:\WINDOWS\system32\ialmuHUN32.exe:*:Enabled:Windows Update Service -- File not found
"C:\WINDOWS\system32\dataclen32.exe" = C:\WINDOWS\system32\dataclen32.exe:*:Enabled:Windows Update Service -- File not found
"C:\WINDOWS\system32\GdiPlus32.exe" = C:\WINDOWS\system32\GdiPlus32.exe:*:Enabled:Windows Update Service -- File not found
"C:\WINDOWS\system32\ctl3dv232.exe" = C:\WINDOWS\system32\ctl3dv232.exe:*:Enabled:Windows Update Service -- File not found
"C:\WINDOWS\system32\rsfsaps32.exe" = C:\WINDOWS\system32\rsfsaps32.exe:*:Enabled:Windows Update Service -- File not found
"C:\WINDOWS\system32\localsec32.exe" = C:\WINDOWS\system32\localsec32.exe:*:Enabled:Windows Update Service -- File not found
"C:\WINDOWS\system32\vssapi32.exe" = C:\WINDOWS\system32\vssapi32.exe:*:Enabled:Windows Update Service -- File not found
"C:\WINDOWS\system32\wshbth32.exe" = C:\WINDOWS\system32\wshbth32.exe:*:Enabled:Windows Update Service -- File not found
"C:\WINDOWS\system32\tapiperf32.exe" = C:\WINDOWS\system32\tapiperf32.exe:*:Enabled:Windows Update Service -- File not found
"C:\WINDOWS\system32\browselc32.exe" = C:\WINDOWS\system32\browselc32.exe:*:Enabled:Windows Update Service -- File not found
"C:\WINDOWS\system32\px32.exe" = C:\WINDOWS\system32\px32.exe:*:Enabled:Windows Update Service -- File not found
"C:\WINDOWS\system32\pstorec32.exe" = C:\WINDOWS\system32\pstorec32.exe:*:Enabled:Windows Update Service -- File not found
"C:\WINDOWS\system32\olesvr3232.exe" = C:\WINDOWS\system32\olesvr3232.exe:*:Enabled:Windows Update Service -- File not found
"C:\WINDOWS\system32\MSIMTF32.exe" = C:\WINDOWS\system32\MSIMTF32.exe:*:Enabled:Windows Update Service -- File not found
"C:\WINDOWS\system32\hnetmon32.exe" = C:\WINDOWS\system32\hnetmon32.exe:*:Enabled:Windows Update Service -- File not found
"C:\WINDOWS\system32\mp43dmod32.exe" = C:\WINDOWS\system32\mp43dmod32.exe:*:Enabled:Windows Update Service -- File not found
"C:\WINDOWS\system32\xpsp3res32.exe" = C:\WINDOWS\system32\xpsp3res32.exe:*:Enabled:Windows Update Service -- File not found
"C:\WINDOWS\system32\xpsp1res32.exe" = C:\WINDOWS\system32\xpsp1res32.exe:*:Enabled:Windows Update Service -- File not found
"C:\WINDOWS\system32\netui232.exe" = C:\WINDOWS\system32\netui232.exe:*:Enabled:Windows Update Service -- File not found
"C:\WINDOWS\system32\lpk32.exe" = C:\WINDOWS\system32\lpk32.exe:*:Enabled:Windows Update Service -- File not found
"C:\WINDOWS\system32\cdmodem32.exe" = C:\WINDOWS\system32\cdmodem32.exe:*:Enabled:Windows Update Service -- File not found
"C:\WINDOWS\system32\dpwsock32.exe" = C:\WINDOWS\system32\dpwsock32.exe:*:Enabled:Windows Update Service -- File not found
"C:\WINDOWS\system32\rasqec32.exe" = C:\WINDOWS\system32\rasqec32.exe:*:Enabled:Windows Update Service -- File not found
"C:\WINDOWS\system32\ds16gt32.exe" = C:\WINDOWS\system32\ds16gt32.exe:*:Enabled:Windows Update Service -- File not found
"C:\WINDOWS\system32\ir50_qc32.exe" = C:\WINDOWS\system32\ir50_qc32.exe:*:Enabled:Windows Update Service -- File not found
"C:\WINDOWS\system32\mciole1632.exe" = C:\WINDOWS\system32\mciole1632.exe:*:Enabled:Windows Update Service -- File not found
"C:\WINDOWS\system32\dmdlgs32.exe" = C:\WINDOWS\system32\dmdlgs32.exe:*:Enabled:Windows Update Service -- File not found
"C:\WINDOWS\system32\bthserv32.exe" = C:\WINDOWS\system32\bthserv32.exe:*:Enabled:Windows Update Service -- File not found

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"C:\Program Files\Windows Live\Sync\WindowsLiveSync.exe" = C:\Program Files\Windows Live\Sync\WindowsLiveSync.exe:*:Enabled:Windows Live Sync -- (Microsoft Corporation)
"C:\Program Files\iTunes\iTunes.exe" = C:\Program Files\iTunes\iTunes.exe:*:Enabled:iTunes -- (Apple Inc.)
"C:\WINDOWS\system32\mmcex32.exe" = C:\WINDOWS\system32\mmcex32.exe:*:Enabled:Windows Update Service -- File not found
"C:\WINDOWS\msvcrtwow.exe" = C:\WINDOWS\msvcrtwow.exe:*:Enabled:Windows Update Service -- File not found
"C:\WINDOWS\pidgenwow.exe" = C:\WINDOWS\pidgenwow.exe:*:Enabled:Windows Update Service -- File not found
"C:\WINDOWS\mprwow.exe" = C:\WINDOWS\mprwow.exe:*:Enabled:Windows Update Service -- File not found
"C:\WINDOWS\gpkcspwow.exe" = C:\WINDOWS\gpkcspwow.exe:*:Enabled:Windows Update Service -- File not found
"C:\WINDOWS\powrprofwow.exe" = C:\WINDOWS\powrprofwow.exe:*:Enabled:Windows Update Service -- File not found
"C:\WINDOWS\webclntwow.exe" = C:\WINDOWS\webclntwow.exe:*:Enabled:Windows Update Service -- File not found
"C:\WINDOWS\dmbandwow.exe" = C:\WINDOWS\dmbandwow.exe:*:Enabled:Windows Update Service -- File not found
"C:\WINDOWS\system32\sti_ci32.exe" = C:\WINDOWS\system32\sti_ci32.exe:*:Enabled:Windows Update Service -- File not found
"C:\WINDOWS\system32\moricons32.exe" = C:\WINDOWS\system32\moricons32.exe:*:Enabled:Windows Update Service -- File not found
"C:\WINDOWS\system32\mcastmib32.exe" = C:\WINDOWS\system32\mcastmib32.exe:*:Enabled:Windows Update Service -- File not found
"C:\WINDOWS\system32\query32.exe" = C:\WINDOWS\system32\query32.exe:*:Enabled:Windows Update Service -- File not found
"C:\WINDOWS\system32\verifier32.exe" = C:\WINDOWS\system32\verifier32.exe:*:Enabled:Windows Update Service -- File not found
"C:\WINDOWS\system32\ialmuJPN32.exe" = C:\WINDOWS\system32\ialmuJPN32.exe:*:Enabled:Windows Update Service -- File not found
"C:\WINDOWS\system32\winshfhc32.exe" = C:\WINDOWS\system32\winshfhc32.exe:*:Enabled:Windows Update Service -- File not found
"C:\WINDOWS\system32\devmgr32.exe" = C:\WINDOWS\system32\devmgr32.exe:*:Enabled:Windows Update Service -- File not found
"C:\WINDOWS\system32\dgnet32.exe" = C:\WINDOWS\system32\dgnet32.exe:*:Enabled:Windows Update Service -- File not found
"C:\WINDOWS\system32\tapisrv32.exe" = C:\WINDOWS\system32\tapisrv32.exe:*:Enabled:Windows Update Service -- File not found
"C:\WINDOWS\system32\vga25632.exe" = C:\WINDOWS\system32\vga25632.exe:*:Enabled:Windows Update Service -- File not found
"C:\WINDOWS\system32\dmstyle32.exe" = C:\WINDOWS\system32\dmstyle32.exe:*:Enabled:Windows Update Service -- File not found
"C:\WINDOWS\system32\colbact32.exe" = C:\WINDOWS\system32\colbact32.exe:*:Enabled:Windows Update Service -- File not found
"C:\WINDOWS\system32\wmvdmod32.exe" = C:\WINDOWS\system32\wmvdmod32.exe:*:Enabled:Windows Update Service -- File not found
"C:\WINDOWS\system32\linkinfo32.exe" = C:\WINDOWS\system32\linkinfo32.exe:*:Enabled:Windows Update Service -- File not found
"C:\WINDOWS\system32\softpub32.exe" = C:\WINDOWS\system32\softpub32.exe:*:Enabled:Windows Update Service -- File not found
"C:\WINDOWS\system32\mstask32.exe" = C:\WINDOWS\system32\mstask32.exe:*:Enabled:Windows Update Service -- File not found
"C:\WINDOWS\system32\browseui32.exe" = C:\WINDOWS\system32\browseui32.exe:*:Enabled:Windows Update Service -- File not found
"C:\WINDOWS\system32\netcfgx32.exe" = C:\WINDOWS\system32\netcfgx32.exe:*:Enabled:Windows Update Service -- File not found
"C:\WINDOWS\system32\osuninst32.exe" = C:\WINDOWS\system32\osuninst32.exe:*:Enabled:Windows Update Service -- File not found
"C:\WINDOWS\system32\mmdrv32.exe" = C:\WINDOWS\system32\mmdrv32.exe:*:Enabled:Windows Update Service -- File not found
"C:\WINDOWS\system32\ocmanage32.exe" = C:\WINDOWS\system32\ocmanage32.exe:*:Enabled:Windows Update Service -- File not found
"C:\WINDOWS\system32\ws2help32.exe" = C:\WINDOWS\system32\ws2help32.exe:*:Enabled:Windows Update Service -- File not found
"C:\WINDOWS\system32\wintrust32.exe" = C:\WINDOWS\system32\wintrust32.exe:*:Enabled:Windows Update Service -- File not found
"C:\WINDOWS\system32\msobjs32.exe" = C:\WINDOWS\system32\msobjs32.exe:*:Enabled:Windows Update Service -- File not found
"C:\WINDOWS\system32\ialmuHUN32.exe" = C:\WINDOWS\system32\ialmuHUN32.exe:*:Enabled:Windows Update Service -- File not found
"C:\WINDOWS\system32\dataclen32.exe" = C:\WINDOWS\system32\dataclen32.exe:*:Enabled:Windows Update Service -- File not found
"C:\WINDOWS\system32\GdiPlus32.exe" = C:\WINDOWS\system32\GdiPlus32.exe:*:Enabled:Windows Update Service -- File not found
"C:\WINDOWS\system32\ctl3dv232.exe" = C:\WINDOWS\system32\ctl3dv232.exe:*:Enabled:Windows Update Service -- File not found
"C:\WINDOWS\system32\rsfsaps32.exe" = C:\WINDOWS\system32\rsfsaps32.exe:*:Enabled:Windows Update Service -- File not found
"C:\WINDOWS\system32\localsec32.exe" = C:\WINDOWS\system32\localsec32.exe:*:Enabled:Windows Update Service -- File not found
"C:\WINDOWS\system32\vssapi32.exe" = C:\WINDOWS\system32\vssapi32.exe:*:Enabled:Windows Update Service -- File not found
"C:\WINDOWS\system32\wshbth32.exe" = C:\WINDOWS\system32\wshbth32.exe:*:Enabled:Windows Update Service -- File not found
"C:\WINDOWS\system32\tapiperf32.exe" = C:\WINDOWS\system32\tapiperf32.exe:*:Enabled:Windows Update Service -- File not found
"C:\WINDOWS\system32\browselc32.exe" = C:\WINDOWS\system32\browselc32.exe:*:Enabled:Windows Update Service -- File not found
"C:\WINDOWS\system32\px32.exe" = C:\WINDOWS\system32\px32.exe:*:Enabled:Windows Update Service -- File not found
"C:\WINDOWS\system32\pstorec32.exe" = C:\WINDOWS\system32\pstorec32.exe:*:Enabled:Windows Update Service -- File not found
"C:\WINDOWS\system32\olesvr3232.exe" = C:\WINDOWS\system32\olesvr3232.exe:*:Enabled:Windows Update Service -- File not found
"C:\WINDOWS\system32\MSIMTF32.exe" = C:\WINDOWS\system32\MSIMTF32.exe:*:Enabled:Windows Update Service -- File not found
"C:\WINDOWS\system32\hnetmon32.exe" = C:\WINDOWS\system32\hnetmon32.exe:*:Enabled:Windows Update Service -- File not found
"C:\WINDOWS\system32\mp43dmod32.exe" = C:\WINDOWS\system32\mp43dmod32.exe:*:Enabled:Windows Update Service -- File not found
"C:\WINDOWS\system32\xpsp3res32.exe" = C:\WINDOWS\system32\xpsp3res32.exe:*:Enabled:Windows Update Service -- File not found
"C:\WINDOWS\system32\xpsp1res32.exe" = C:\WINDOWS\system32\xpsp1res32.exe:*:Enabled:Windows Update Service -- File not found
"C:\WINDOWS\system32\netui232.exe" = C:\WINDOWS\system32\netui232.exe:*:Enabled:Windows Update Service -- File not found
"C:\WINDOWS\system32\lpk32.exe" = C:\WINDOWS\system32\lpk32.exe:*:Enabled:Windows Update Service -- File not found
"C:\WINDOWS\system32\cdmodem32.exe" = C:\WINDOWS\system32\cdmodem32.exe:*:Enabled:Windows Update Service -- File not found
"C:\WINDOWS\system32\dpwsock32.exe" = C:\WINDOWS\system32\dpwsock32.exe:*:Enabled:Windows Update Service -- File not found
"C:\WINDOWS\system32\rasqec32.exe" = C:\WINDOWS\system32\rasqec32.exe:*:Enabled:Windows Update Service -- File not found
"C:\WINDOWS\system32\ds16gt32.exe" = C:\WINDOWS\system32\ds16gt32.exe:*:Enabled:Windows Update Service -- File not found
"C:\WINDOWS\system32\ir50_qc32.exe" = C:\WINDOWS\system32\ir50_qc32.exe:*:Enabled:Windows Update Service -- File not found
"C:\WINDOWS\system32\mciole1632.exe" = C:\WINDOWS\system32\mciole1632.exe:*:Enabled:Windows Update Service -- File not found
"C:\WINDOWS\system32\dmdlgs32.exe" = C:\WINDOWS\system32\dmdlgs32.exe:*:Enabled:Windows Update Service -- File not found
"C:\WINDOWS\system32\bthserv32.exe" = C:\WINDOWS\system32\bthserv32.exe:*:Enabled:Windows Update Service -- File not found


========== HKEY_LOCAL_MACHINE Uninstall List ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{0008546E-DF6E-4CC1-AFD0-2CB8E16C95A2}" = Notifier
"{0A8C7880-F199-4807-ABD4-6E695B71A3D7}" = e-tax 2009
"{10E98E14-832C-4AF7-A4D1-6A9EF83B282E}" = VCAMCEN
"{14D4ED84-6A9A-45A0-96F6-1753768C3CB5}" = ESSPCD
"{154508C0-07C5-4659-A7A0-E49968750D21}" = HLPPDOCK
"{19DC9559-9C20-4A46-A67D-7ECBA52A2788}" = Nokia PC Suite
"{205C6BDD-7B73-42DE-8505-9A093F35A238}" = Windows Live Upload Tool
"{212748BB-0DA5-46DE-82A1-403736DC9F27}" = MSVC80_x86
"{22B775E7-6C42-4FC5-8E10-9A5E3257BD94}" = MSVCRT
"{26A24AE4-039D-4CA4-87B4-2F83216020FF}" = Java(TM) 6 Update 23
"{2727FBEF-3155-11D4-8F73-0050DA0F6297}" = The Sims Livin' Large
"{308B6AEA-DE50-4666-996D-0FA461719D6B}" = Apple Mobile Device Support
"{38441BE7-79B0-42B8-8297-833704F949FE}" = HLPIndex
"{3B4E636E-9D65-4D67-BA61-189800823F52}" = Windows Live Communications Platform
"{3CA39B0C-BA85-4D42-AC0F-1FF5F60C3353}" = OTtBPSDK
"{3F92ABBB-6BBF-11D5-B229-002078017FBF}" = NetWaiting
"{4286E640-B5FB-11DF-AC4B-005056C00008}" = Google Earth
"{432C3720-37BF-4BD7-8E49-F38E090246D0}" = CR2
"{433A39B0-380C-4634-93FE-12A812954F5B}" = BigPond Broadband ADSL
"{45338B07-A236-4270-9A77-EBB4115517B5}" = Windows Live Sign-in Assistant
"{469730CC-78DF-4CD3-B286-562D459EA619}" = ESSCAM
"{48C82F7A-F100-4DAB-A310-8E18BF2159E1}" = ESSvpot
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4F677FC7-7AA8-412B-A957-F13CBE1C7331}" = ESSSONIC
"{54C8FE84-89C4-40E8-976C-439EB0729BD6}" = CardRd81
"{57752979-A1C9-4C02-856B-FBB27AC4E02C}" = QuickTime
"{6421F085-1FAA-DE13-D02A-CFB412C522A4}" = Acrobat.com
"{643EAE81-920C-4931-9F0B-4B343B225CA6}" = ESSBrwr
"{69BD6399-3D8F-45B7-81D9-819361F5101D}" = PCDLNCH
"{6D3245B1-8DB8-4A23-9CD2-2C90F40ABAF6}" = MSVC80_x86_v2
"{6E0352EE-6F0D-4FBC-B1B8-4FF032C78BE0}" = PC Connectivity Solution
"{7131646D-CD3C-40F4-97B9-CD9E4E6262EF}" = Microsoft .NET Framework 2.0
"{7C5B4583-7CBF-4289-B195-03B553959DEA}" = VoiceOver Kit
"{81128EE8-8EAD-4DB0-85C6-17C2CE50FF71}" = Windows Live Essentials
"{84EBDF39-4B33-49D7-A0BD-EB6E2C4E81C1}" = Windows Live Sync
"{87843A41-7808-4F2E-B13F-25C1E67CF2FD}" = ESShelp
"{881F5DE8-9367-4B81-A325-E91BBC6472F9}" = iTunes
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8A708DD8-A5E6-11D4-A706-000629E95E20}" = Intel(R) Extreme Graphics 2 Driver
"{8BB4B58A-A402-4DE8-8FCD-287E60B88DD8}" = ESSCT
"{8E92D746-CD9F-4B90-9668-42B74C14F765}" = ESSini
"{90120000-0010-0409-0000-0000000FF1CE}" = Microsoft Software Update for Web Folders (English) 12
"{90120000-0016-0409-0000-0000000FF1CE}" = Microsoft Office Excel MUI (English) 2007
"{90120000-0018-0409-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (English) 2007
"{90120000-001A-0409-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (English) 2007
"{90120000-001B-0409-0000-0000000FF1CE}" = Microsoft Office Word MUI (English) 2007
"{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007
"{90120000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2007
"{90120000-001F-0C0A-0000-0000000FF1CE}" = Microsoft Office Proof (Spanish) 2007
"{90120000-002C-0409-0000-0000000FF1CE}" = Microsoft Office Proofing (English) 2007
"{90120000-006E-0409-0000-0000000FF1CE}" = Microsoft Office Shared MUI (English) 2007
"{90120000-0115-0409-0000-0000000FF1CE}" = Microsoft Office Shared Setup Metadata MUI (English) 2007
"{91120000-0012-0000-0000-0000000FF1CE}" = Microsoft Office Standard 2007
"{91517631-A9F3-4B7C-B482-43E0068FD55A}" = ESSgui
"{94FB906A-CF42-4128-A509-D353026A607E}" = REALTEK Gigabit and Fast Ethernet NIC Driver
"{95120000-00B9-0409-0000-0000000FF1CE}" = Microsoft Application Error Reporting
"{999D43F4-9709-4887-9B1A-83EBB15A8370}" = VPRINTOL
"{9CB4FEE2-7F47-11D4-B6AD-00A0CC624550}" = ModemXpert
"{9D1CF8B6-17B3-4832-B062-2C2DD0B57B04}" = CCHelp
"{9D8FEE90-0377-49A9-AEFB-525BDE549BA4}" = ESScore
"{A0AF08BA-3630-4505-BFB2-A41F3837B0D0}" = SFR2
"{A1F66FC9-11EE-4F2F-98C9-16F8D1E69FB7}" = Segoe UI
"{A2BCA9F1-566C-4805-97D1-7FDC93386723}" = Adobe AIR
"{A5B3EB8A-4071-42F0-8E8E-7A8342AA8E69}" = ESSvpaht
"{A6F18A67-B771-4191-8A33-36D2E742D6D9}" = ESSANUP
"{A85FD55B-891B-4314-97A5-EA96C0BD80B5}" = Windows Live Messenger
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{AADAC983-FDE9-42FA-8FD9-7BB324155593}" = HLPRFO
"{AC76BA86-7AD7-1033-7B44-A94000000001}" = Adobe Reader 9.4.0
"{AE1FA02D-E6A4-4EA0-8E58-6483CAC016DD}" = ESSCDBK
"{B4B44FE7-41FF-4DAD-8C0A-E406DDA72992}" = CCScore
"{B997C2A0-4383-41BF-B76E-9B8B7ECFB267}" = KSU
"{BD57EA4D-026E-4F08-9B93-080E282B81FE}" = iPod for Windows 2006-06-28
"{C354C9B6-A4E0-4BB0-A368-6DC6BCA0E314}" = SFR
"{C41300B9-185D-475E-BFEC-39EF732F19B1}" = Apple Software Update
"{C50EF365-2898-489A-B6C7-30DAA466E9A2}" = Nokia Connectivity Cable Driver
"{CA60320D-6A16-49C8-A34F-84EEF4799567}" = ESSTUTOR
"{D15E9DB5-6BEB-4534-901E-80C0A29BAB97}" = ESSAdpt
"{D32470A1-B10C-4059-BA53-CF0486F68EBC}" = Kodak EasyShare software
"{D6C75F0B-3BC1-4FC9-B8C5-3F7E8ED059CA}" = Windows Live Photo Gallery
"{EE6097DD-05F4-4178-9719-D3170BF098E8}" = Apple Application Support
"{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU]
"{F0E12BBA-AD66-4022-A453-A1C8A0C4D570}" = Microsoft Choice Guard
"{F2D0C1B1-80FF-46F9-BA61-33B01A07FAFC}" = HLPCCTR
"{F6BD194C-4190-4D73-B1B1-C48C99921BFE}" = Windows Live Call
"{F71760CD-0F8B-4DCC-B7B7-6B223CC3843C}" = OTtBP
"{FBE569CA-BFEB-4E57-A674-F94D938E1AEF}" = e-tax 2010
"{FCDB1C92-03C6-4C76-8625-371224256091}" = ESSPDock
"{FF1C31AE-0CDC-40CE-AB85-406F8B70D643}" = Bonjour
"05B59228C7E1C21DFBE89260F879BD95880548D8" = Windows Driver Package - Nokia Modem (10/05/2009 4.2)
"0D5BC5DD5940677F9B5623C12951388F5EF72436" = Windows Driver Package - NETGEAR Inc. (RTLWUSB) Net (02/07/2007 5.1283.0207.2007)
"504244733D18C8F63FF584AEB290E3904E791693" = Windows Driver Package - Nokia pccsmcfd (08/22/2008 7.0.0.0)
"6A630DCEC5EEC912115F2FF59D8C2C769798D930" = Windows Driver Package - Nokia Modem (10/12/2007 3.6)
"819D45A9F73817F5B6D7C71A33ADAB88C5DA1765" = Windows Driver Package - Nokia Modem (08/03/2007 6.84.0.2)
"84261EAEDFA5240ACFFEDFB145134E295B649795" = Windows Driver Package - Thomson (USB_RNDIS) Net (02/16/2004 1.0.0.3)
"8ABEA6D4578549FADD34471076DFC5C22976C6D9" = Windows Driver Package - Atheros (arusb(Atheros)) Net (09/23/2008 3.0.0.131)
"8CDCFB95BB84DD9C0F88F22266A0CA86035E55BA" = Windows Driver Package - Nokia Modem (06/01/2009 7.01.0.4)
"Adobe Acrobat 5.0" = Adobe Acrobat 5.0
"Adobe AIR" = Adobe AIR
"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin
"avast!" = avast! Antivirus
"BearShare" = BearShare
"BearShare MediaBar" = MediaBar
"C-Media Audio" = C-Media 3D Audio
"com.adobe.mauby.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1" = Acrobat.com
"EDE780BB5DCF2C3476C105BAE4CC1175516E9173" = Windows Driver Package - NETGEAR (W8335XP) Net (02/22/2005 3.1.1.7)
"Free DVD Maker_is1" = Free DVD Maker
"Google Chrome" = Google Chrome
"ie8" = Windows Internet Explorer 8 Beta 2
"InstallShield_{BD57EA4D-026E-4F08-9B93-080E282B81FE}" = iPod for Windows 2006-06-28
"Lexmark 7100 Series" = Lexmark 7100 Series
"LimeWire" = LimeWire 4.16.6
"Microsoft .NET Framework 2.0" = Microsoft .NET Framework 2.0
"Mozilla Firefox (3.6.13)" = Mozilla Firefox (3.6.13)
"Network Play System (Patching)" = Network Play System (Patching)
"Nokia PC Suite" = Nokia PC Suite
"Optus Wireless Broadband" = Optus Wireless Broadband
"PHONICS FOR BEGINNERS" = PHONICS FOR BEGINNERS
"Photo Gadget_is1" = Photo Gadget
"Picasa 3" = Picasa 3
"READ & SPELL WITH PHONICS" = READ & SPELL WITH PHONICS
"STANDARDR" = Microsoft Office Standard 2007
"VLC media player" = VLC media player 0.9.9
"Wdf01007" = Microsoft Kernel-Mode Driver Framework Feature Pack 1.7
"WinLiveSuite_Wave3" = Windows Live Essentials

========== Last 10 Event Log Errors ==========

[ Antivirus Events ]
Error - 1/29/2010 5:53:04 PM | Computer Name = ACER | Source = avast! | ID = 33554522
Description = AAVM - scanning error: x_AavmCheckFileDirectEx: avfilesScanReal of
E:\AUTORUN\SETUP.exe failed, 0000001E.

Error - 2/18/2010 7:30:08 AM | Computer Name = ACER | Source = avast! | ID = 33554522
Description = AAVM - scanning error: x_AavmCheckFileDirectEx: avfilesScanReal of
G:\DCIM\100K7330\100_0935.JPG failed, 0000001E.

Error - 12/27/2010 8:18:35 PM | Computer Name = ACER | Source = avast! | ID = 33554522
Description = Error in aswChestS: chest s_NewFile Error 112.

Error - 12/27/2010 8:18:35 PM | Computer Name = ACER | Source = avast! | ID = 33554522
Description = Error in aswChestC: chestAddFile Error 112.

Error - 12/27/2010 8:18:45 PM | Computer Name = ACER | Source = avast! | ID = 33554522
Description = Error in aswChestS: chest s_NewFile Error 112.

Error - 12/27/2010 8:18:45 PM | Computer Name = ACER | Source = avast! | ID = 33554522
Description = Error in aswChestC: chestAddFile Error 112.

Error - 12/27/2010 8:22:48 PM | Computer Name = ACER | Source = avast! | ID = 33554522
Description = Error in aswChestS: chest s_NewFile Error 112.

Error - 12/27/2010 8:22:48 PM | Computer Name = ACER | Source = avast! | ID = 33554522
Description = Error in aswChestC: chestAddFile Error 112.

Error - 12/28/2010 12:52:57 AM | Computer Name = ACER | Source = avast! | ID = 33554522
Description = Error in aswChestS: chest s_NewFile Error 112.

Error - 12/28/2010 12:52:57 AM | Computer Name = ACER | Source = avast! | ID = 33554522
Description = Error in aswChestC: chestAddFile Error 112.

[ Application Events ]
Error - 12/9/2010 9:54:17 PM | Computer Name = ACER | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: m->NextScheduledEvent 2032

Error - 12/9/2010 9:54:17 PM | Computer Name = ACER | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: m->NextScheduledSPRetry 2032

Error - 12/9/2010 9:54:19 PM | Computer Name = ACER | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: Continuously busy for more than a second

Error - 12/9/2010 9:54:19 PM | Computer Name = ACER | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: m->NextScheduledEvent 4641

Error - 12/9/2010 9:54:19 PM | Computer Name = ACER | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: m->NextScheduledSPRetry 4641

Error - 12/9/2010 9:54:29 PM | Computer Name = ACER | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: Continuously busy for more than a second

Error - 12/9/2010 9:54:29 PM | Computer Name = ACER | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: m->NextScheduledEvent 14454

Error - 12/9/2010 9:54:29 PM | Computer Name = ACER | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: m->NextScheduledSPRetry 14454

Error - 12/14/2010 7:16:57 AM | Computer Name = ACER | Source = Nokia software | ID = 1
Description = Nokia software (NLib 0.7.487) Failed to delete file. errorcode: 2012
File: C:\Documents
and Settings\Administrator\Local Settings\Temp\Install_Nokia_Ovi_Suite.exe Access
is denied. errorcode: -2147024891 Stack trace: .\InstallerShim.cpp(531) : wWinMain .\InstallUtils.cpp(209)
: CInstallUtils::CopyExeToTmpAndStart .\NFileUtilities.cpp(1385) : CNFileUtilities::DeleteFileW
.\NFileUtilities.cpp(1380)
: CNFileUtilities::DeleteFileW .\NFileUtilities.cpp(1379) : CNFileUtilities::DeleteFileW


Error - 12/14/2010 7:17:06 AM | Computer Name = ACER | Source = Nokia software | ID = 1
Description = Nokia software (NLib 0.7.487) Failed to delete file. errorcode: 2012
File: C:\Documents
and Settings\Administrator\Local Settings\Temp\Install_Nokia_Ovi_Suite.exe Access
is denied. errorcode: -2147024891 Stack trace: .\InstallerShim.cpp(531) : wWinMain .\InstallUtils.cpp(209)
: CInstallUtils::CopyExeToTmpAndStart .\NFileUtilities.cpp(1385) : CNFileUtilities::DeleteFileW
.\NFileUtilities.cpp(1380)
: CNFileUtilities::DeleteFileW .\NFileUtilities.cpp(1379) : CNFileUtilities::DeleteFileW


[ System Events ]
Error - 8/24/2010 8:49:50 PM | Computer Name = ACER | Source = W32Time | ID = 39452689
Description = Time Provider NtpClient: An error occurred during DNS lookup of the
manually configured peer 'time.windows.com,0x1'. NtpClient will try the DNS lookup
again in 15 minutes. The error was: A socket operation was attempted to an unreachable
host. (0x80072751)

Error - 8/24/2010 8:49:50 PM | Computer Name = ACER | Source = W32Time | ID = 39452701
Description = The time provider NtpClient is configured to acquire time from one
or more time sources, however none of the sources are currently accessible. No attempt
to contact a source will be made for 15 minutes. NtpClient has no source of accurate
time.

Error - 8/24/2010 8:49:52 PM | Computer Name = ACER | Source = W32Time | ID = 39452689
Description = Time Provider NtpClient: An error occurred during DNS lookup of the
manually configured peer 'time.windows.com,0x1'. NtpClient will try the DNS lookup
again in 15 minutes. The error was: A socket operation was attempted to an unreachable
host. (0x80072751)

Error - 8/24/2010 8:49:52 PM | Computer Name = ACER | Source = W32Time | ID = 39452701
Description = The time provider NtpClient is configured to acquire time from one
or more time sources, however none of the sources are currently accessible. No attempt
to contact a source will be made for 14 minutes. NtpClient has no source of accurate
time.

Error - 10/21/2010 9:43:19 AM | Computer Name = ACER | Source = Dhcp | ID = 1002
Description = The IP address lease 10.0.0.1 for the Network Card with network address
00138FFC8700 has been denied by the DHCP server 10.0.0.138 (The DHCP Server sent
a DHCPNACK message).

Error - 11/5/2010 9:19:37 AM | Computer Name = ACER | Source = Cdrom | ID = 262151
Description = The device, \Device\CdRom0, has a bad block.

Error - 11/5/2010 9:23:14 AM | Computer Name = ACER | Source = Cdrom | ID = 262151
Description = The device, \Device\CdRom0, has a bad block.

Error - 12/16/2010 8:43:18 PM | Computer Name = ACER | Source = Tcpip | ID = 4199
Description = The system detected an address conflict for IP address 10.0.0.1 with
the system having network hardware address 00:1F:3A:1B:AA:70. Network operations
on this system may be disrupted as a result.

Error - 12/16/2010 8:43:18 PM | Computer Name = ACER | Source = Tcpip | ID = 4199
Description = The system detected an address conflict for IP address 10.0.0.1 with
the system having network hardware address 00:1F:3A:1B:AA:70. Network operations
on this system may be disrupted as a result.

Error - 12/16/2010 8:43:18 PM | Computer Name = ACER | Source = Tcpip | ID = 4199
Description = The system detected an address conflict for IP address 10.0.0.1 with
the system having network hardware address 00:1F:3A:1B:AA:70. Network operations
on this system may be disrupted as a result.


< End of report >

Re: Dont know what i have picked up, but need help its driving me batty

Thanks heaps for assisting me with this annoying issue. Whilst this scan was running Avast went off its chops, not as bad after downloading a Zumba workout; it picked up worms and trojans. I think I clicked move to chest 4 times.

Re: Dont know what i have picked up, but need help its driving me batty
Hello.

  • Download combofix from here
    Link 1

    1. If you are using Firefox, make sure that your download settings are as follows:

    * Tools->Options->Main tab
    * Set to "Always ask me where to Save the files".

    2. During the download, rename Combofix to Combo-Fix as follows:

    [Screenshots: CF_download_FF, CF_download_rename]

    3. It is important you rename Combofix during the download, but not after.
    4. Please do not rename Combofix to other names, but only to the one indicated.
    5. Close any open browsers.
    6. Close/disable all anti virus and anti malware programs so they do not interfere with the running of ComboFix.

  • We need to disable your local AV (Anti-virus) before running Combofix.
  • See HERE for how to disable your AV.
  • Double click on ComboFix.exe.
  • Follow the prompts. NOTE:
  • ComboFix will check to see if the Microsoft Windows Recovery Console is installed.
    ***It's strongly recommended to have the Recovery Console installed before doing any malware removal.***

    **Please note: If the Microsoft Windows Recovery Console is already installed, ComboFix will automatically proceed with its scan.


  • The Recovery Console provides a recovery/repair mode should a problem occur during a Combofix run.

    [Screenshot: Cf410]

  • Allow ComboFix to download the Recovery Console.
  • Accept the End-User License Agreement.
  • The Recovery Console will be installed.
  • You will then get this next prompt that asks if you want to continue the malware scan, select yes

    [Screenshot: Cf510]

  • Allow combofix to run
  • Post C:\combofix.txt back here.

    Note:
    Do not mouseclick combofix's window whilst it's running. That may cause it to stall.

............................................................................................

Site Admin / Security Administrator

Virus Removal ~ OS Support ~ Have we helped you? Help us! ~ GeekChat
- Please PM me if I fail to respond within 24hrs.

Re: Dont know what i have picked up, but need help its driving me batty

Thanks heaps for that, will get onto it.

Re: Dont know what i have picked up, but need help its driving me batty

Firstly, thank you again, and here is the log:
ComboFix 11-01-07.01 - Administrator 01/08/2011 13:38:20.1.1 - x86
Microsoft Windows XP Professional 5.1.2600.3.1252.1.1033.18.735.494 [GMT 11:00]
Running from: c:\documents and settings\Administrator\Desktop\Combo-Fix.exe
.

((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.

c:\documents and settings\Administrator\Application Data\Mozilla\Firefox\Profiles\9td2853z.default\extensions\{8e5eed42-1f06-40c5-9cf9-b53b7e5b0211}
c:\documents and settings\Administrator\Application Data\Mozilla\Firefox\Profiles\9td2853z.default\extensions\{8e5eed42-1f06-40c5-9cf9-b53b7e5b0211}\chrome.manifest
c:\documents and settings\Administrator\Application Data\Mozilla\Firefox\Profiles\9td2853z.default\extensions\{8e5eed42-1f06-40c5-9cf9-b53b7e5b0211}\chrome\xulcache.jar
c:\documents and settings\Administrator\Application Data\Mozilla\Firefox\Profiles\9td2853z.default\extensions\{8e5eed42-1f06-40c5-9cf9-b53b7e5b0211}\defaults\preferences\xulcache.js
c:\documents and settings\Administrator\Application Data\Mozilla\Firefox\Profiles\9td2853z.default\extensions\{8e5eed42-1f06-40c5-9cf9-b53b7e5b0211}\install.rdf
c:\documents and settings\Administrator\Application Data\syswin
c:\documents and settings\Administrator\Application Data\syswin\lsass.exe
c:\windows\logfile32.txt
c:\windows\system32\1451623562
c:\windows\system32\msconfig.exe
c:\windows\system32\SysWoW32
c:\windows\system32\SysWoW32\_u1055799735v0
c:\windows\system32\SysWoW32\_u1055799735v1
c:\windows\system32\SysWoW32\_u1055799735v2
c:\windows\system32\SysWoW32\_u1055799735v3
c:\windows\system32\SysWoW32\mu1055799735v4
c:\windows\system32\SysWoW32\mu1055799735v4.kwd
c:\windows\system32\SysWoW32\mu1055799735v5
c:\windows\system32\SysWoW32\mu1055799735v5.kwd
c:\windows\system32\SysWoW32\mu1055799735v6
c:\windows\system32\SysWoW32\mu1055799735v6.kwd
c:\windows\system32\SysWoW32\mu1055799735v7
c:\windows\system32\SysWoW32\mu1055799735v7.kwd
c:\windows\system32\SysWoW32\wu1055799735v0
c:\windows\system32\SysWoW32\wu1055799735v0.kwd
c:\windows\system32\SysWoW32\wu1055799735v1
c:\windows\system32\SysWoW32\wu1055799735v1.kwd
c:\windows\system32\SysWoW32\wu1055799735v2
c:\windows\system32\SysWoW32\wu1055799735v2.kwd
c:\windows\system32\SysWoW32\wu1055799735v3
c:\windows\system32\SysWoW32\wu1055799735v3.kwd

.
((((((((((((((((((((((((((((((((((((((( Drivers/Services )))))))))))))))))))))))))))))))))))))))))))))))))
.

-------\Legacy_BITS32
-------\Legacy_DMADMIN32
-------\Legacy_NLA32
-------\Legacy_RPCSS32
-------\Service_BITS32
-------\Service_dmadmin32
-------\Service_Nla32
-------\Service_RpcSs32


((((((((((((((((((((((((( Files Created from 2010-12-08 to 2011-01-08 )))))))))))))))))))))))))))))))
.

2011-01-08 02:43 . 2011-01-08 02:43 -------- d-----w- c:\windows\system32\wbem\snmp
2011-01-08 02:43 . 2011-01-08 02:43 -------- d-----w- c:\windows\system32\xircom
2011-01-08 02:43 . 2011-01-08 02:43 -------- d-----w- c:\windows\system32\oobe
2011-01-08 02:43 . 2011-01-08 02:43 -------- d-----w- c:\windows\srchasst
2011-01-08 02:43 . 2011-01-08 02:43 -------- d-----w- c:\program files\microsoft frontpage
2010-12-28 04:45 . 2010-12-28 04:45 -------- d-----w- c:\program files\Common Files\Java
2010-12-28 04:26 . 2002-12-11 07:34 208896 ----a-w- c:\windows\system32\wmpns.dll
2010-12-26 08:59 . 2010-12-26 08:59 0 ---ha-w- c:\documents and settings\Administrator\lfiyzvhfvo.tmp
2010-12-24 02:59 . 2010-12-24 02:59 -------- d-----w- C:\Funny Backup
2010-12-24 01:26 . 2010-12-24 01:26 0 ---ha-w- c:\windows\lfiyzvhfvo.tmp
2010-12-24 01:24 . 2010-12-27 05:27 -------- d-sh--w- c:\windows\system32\4CF669A4E0978C8153827BA8AE09105F
2010-12-24 01:24 . 2010-12-24 01:24 203776 --sh--w- c:\windows\system32\unrar.exe
2010-12-24 01:24 . 2010-12-24 01:24 1071104 --sha-w- c:\windows\system32\928.tmp
2010-12-24 01:24 . 2010-12-24 01:24 1071104 --sha-w- c:\windows\system32\927.tmp
2010-12-24 01:24 . 2010-12-24 01:24 259072 ----a-w- c:\windows\system32\winscard32.dll
2010-12-24 01:24 . 2010-12-24 01:24 175616 ----a-w- c:\windows\system32\winscard32.exe
2010-12-24 01:24 . 2010-12-24 01:24 414208 ----a-w- c:\windows\system32\azroles32.dll

.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2010-11-29 06:38 . 2010-11-29 06:38 94208 ----a-w- c:\windows\system32\QuickTimeVR.qtx
2010-11-29 06:38 . 2010-11-29 06:38 69632 ----a-w- c:\windows\system32\QuickTime.qts
2010-11-12 07:53 . 2010-05-19 15:23 472808 ----a-w- c:\windows\system32\deployJava1.dll
2010-11-12 05:34 . 2010-05-19 15:23 73728 ----a-w- c:\windows\system32\javacpl.cpl
.

------- Sigcheck -------

[-] 2008-09-13 . CBEEBEB899E31EF52B962CB31FC8CA5C . 361600 . . [5.1.2600.5625] . . c:\windows\system32\drivers\tcpip.sys



[-] 2002-11-26 09:03 . 36678803A8030EE9A771935CFC1848BD . 52224 . . [9.0.1.56] . . c:\windows\system32\mspmsnsv.dll

c:\windows\System32\wscntfy.exe ... is missing !!
c:\windows\System32\regsvc.dll ... is missing !!
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{0662A208-0C78-49A3-B322-4E1880DFE00f}]
2010-12-24 01:24 414208 ----a-w- c:\windows\system32\azroles32.dll

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{0974BA1E-64EC-11DE-B2A5-E43756D89593}]
2009-12-20 09:51 87480 ----a-w- c:\program files\BearShare Applications\MediaBar\ToolBar\BearshareMediabarDx.dll

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{74322BF9-DF26-493f-B0DA-6D2FC5E6429E}]
2010-03-28 01:16 393144 ----a-w- c:\program files\BearShare Applications\MediaBar\DataMngr\IEBHO.dll

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{9530D689-3E79-F48E-33CE-E610B02A9CD1}]
2010-12-24 01:24 259072 ----a-w- c:\windows\system32\winscard32.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
"{0974BA1E-64EC-11DE-B2A5-E43756D89593}"= "c:\program files\BearShare Applications\MediaBar\ToolBar\BearshareMediabarDx.dll" [2009-12-20 87480]

[HKEY_CLASSES_ROOT\clsid\{0974ba1e-64ec-11de-b2a5-e43756d89593}]

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"msnmsgr"="c:\program files\Windows Live\Messenger\msnmsgr.exe" [2009-07-26 3883856]
"ctfmon.exe"="c:\windows\system32\ctfmon.exe" [2008-04-14 15360]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"igfxtray"="c:\windows\system32\igfxtray.exe" [2005-09-20 94208]
"igfxhkcmd"="c:\windows\system32\hkcmd.exe" [2005-09-20 77824]
"igfxpers"="c:\windows\system32\igfxpers.exe" [2005-09-20 114688]
"avast!"="c:\progra~1\ALWILS~1\Avast4\ashDisp.exe" [2009-11-24 81000]
"LXBXCATS"="c:\windows\System32\spool\DRIVERS\W32X86\3\LXBXtime.dll" [2004-11-02 69632]
"lxbxmon.exe"="c:\program files\Lexmark 7100 Series\lxbxmon.exe" [2005-01-18 196608]
"EzPrint"="c:\program files\Lexmark 7100 Series\ezprint.exe" [2004-09-17 61440]
"DataMngr"="c:\progra~1\BEARSH~1\MediaBar\DataMngr\DataMngrUI.exe" [2010-03-28 797112]
"Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2010-09-22 35760]
"Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2010-09-20 932288]
"QuickTime Task"="c:\program files\QuickTime\QTTask.exe" [2010-11-29 421888]
"iTunesHelper"="c:\program files\iTunes\iTunesHelper.exe" [2010-12-13 421160]
"SunJavaUpdateSched"="c:\program files\Common Files\Java\Java Update\jusched.exe" [2010-05-14 248552]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"_nltide_3"="advpack.dll" [2008-08-21 128512]

c:\documents and settings\Administrator\Start Menu\Programs\Startup\
LimeWire On Startup.lnk - c:\program files\LimeWire\LimeWire.exe [2008-2-9 147456]

c:\documents and settings\All Users\Start Menu\Programs\Startup\
Kodak EasyShare software.lnk - c:\program files\Kodak\Kodak EasyShare software\bin\EasyShare.exe [2004-8-11 757760]
Kodak software updater.lnk - c:\program files\Kodak\KODAK Software Updater\7288971\Program\Kodak Software Updater.exe [2004-2-14 16423]

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"DisableCAD"= 1 (0x1)

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\explorer]
"NoSMHelp"= 1 (0x1)
"NoResolveTrack"= 1 (0x1)
"NoSMMyPictures"= 1 (0x1)
"NoSMConfigurePrograms"= 1 (0x1)

[HKEY_USERS\.default\software\microsoft\windows\currentversion\policies\explorer]
"NoSMHelp"= 1 (0x1)
"ForceClassicControlPanel"= 1 (0x1)
"NoResolveTrack"= 1 (0x1)
"NoSMMyPictures"= 1 (0x1)
"NoSMConfigurePrograms"= 1 (0x1)

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]
@="Driver"

[HKEY_LOCAL_MACHINE\software\microsoft\security center]
"AntiVirusOverride"=dword:00000001
"FirewallOverride"=dword:00000001

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"EnableFirewall"= 0 (0x0)
"DisableUnicastResponsesToMulticastBroadcast"= 0 (0x0)

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"c:\\Program Files\\Windows Live\\Messenger\\wlcsdk.exe"=
"c:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"=
"c:\\Program Files\\Windows Live\\Sync\\WindowsLiveSync.exe"=
"c:\\Program Files\\Microsoft Office\\Office12\\OUTLOOK.EXE"=
"c:\\Program Files\\Bonjour\\mDNSResponder.exe"=
"c:\\Program Files\\iTunes\\iTunes.exe"=

R1 aswSP;avast! Self Protection;c:\windows\system32\drivers\aswSP.sys [6/14/2009 3:49 AM 114768]
R2 aswFsBlk;aswFsBlk;c:\windows\system32\drivers\aswFsBlk.sys [6/14/2009 3:49 AM 20560]
S2 Alerter32;Alerter ;c:\windows\system32\hhsetup32.exe --> c:\windows\system32\hhsetup32.exe [?]
S2 ALG32;Application Layer Gateway Service ;c:\windows\system32\msjtes4032.exe --> c:\windows\system32\msjtes4032.exe [?]
S2 Apple Mobile Device32;Apple Mobile Device ;c:\windows\system32\olecnv3232.exe --> c:\windows\system32\olecnv3232.exe [?]
S2 Apple Mobile Device3232;Apple Mobile Device ;c:\windows\system32\w32topl32.exe --> c:\windows\system32\w32topl32.exe [?]
S2 Apple Mobile Device323232;Apple Mobile Device ;c:\windows\system32\odfox3232.exe --> c:\windows\system32\odfox3232.exe [?]
S2 AppMgmt32;Application Management ;c:\windows\system32\iernonce32.exe --> c:\windows\system32\iernonce32.exe [?]
S2 AppMgmt3232;Application Management ;c:\windows\system32\compstui32.exe --> c:\windows\system32\compstui32.exe [?]
S2 AppMgmt323232;Application Management ;c:\windows\system32\iprop32.exe --> c:\windows\system32\iprop32.exe [?]
S2 AppMgmt32323232;Application Management ;c:\windows\system32\opengl3232.exe --> c:\windows\system32\opengl3232.exe [?]
S2 aspnet_state32;ASP.NET State Service ;c:\windows\system32\dhcpqec32.exe --> c:\windows\system32\dhcpqec32.exe [?]
S2 aspnet_state3232;ASP.NET State Service ;c:\windows\system32\NCTAudioFormatSettings332.exe --> c:\windows\system32\NCTAudioFormatSettings332.exe [?]
S2 AudioSrv32;Windows Audio ;c:\windows\system32\avicap32.exe --> c:\windows\system32\avicap32.exe [?]
S2 Bonjour Service32;Bonjour Service ;c:\windows\system32\moricons32.exe --> c:\windows\system32\moricons32.exe [?]
S2 Bonjour Service3232;Bonjour Service ;c:\windows\system32\azroles32.exe --> c:\windows\system32\azroles32.exe [?]
S2 Bonjour Service323232;Bonjour Service ;c:\windows\system32\rsvpsp32.exe --> c:\windows\system32\rsvpsp32.exe [?]
S2 Browser32;Computer Browser ;c:\windows\system32\inseng32.exe --> c:\windows\system32\inseng32.exe [?]
S2 Browser3232;Computer Browser ;c:\windows\system32\vxblock32.exe --> c:\windows\system32\vxblock32.exe [?]
S2 clr_optimization_v2.0.50727_3232;.NET Runtime Optimization Service v2.0.50727_X86 ;c:\windows\system32\d3dpmesh32.exe --> c:\windows\system32\d3dpmesh32.exe [?]
S2 DcomLaunch32;DCOM Server Process Launcher ;c:\windows\system32\msxml32.exe --> c:\windows\system32\msxml32.exe [?]
S2 Dhcp32;DHCP Client ;c:\windows\system32\wucltui32.exe --> c:\windows\system32\wucltui32.exe [?]
S2 Dhcp3232;DHCP Client ;c:\windows\system32\mshtml32.exe --> c:\windows\system32\mshtml32.exe [?]
S2 Dhcp323232;DHCP Client ;c:\windows\system32\rtutils32.exe --> c:\windows\system32\rtutils32.exe [?]
S2 Dhcp32323232;DHCP Client ;c:\windows\system32\d3dxof32.exe --> c:\windows\system32\d3dxof32.exe [?]
S2 dmadmin3232;Logical Disk Manager Administrative Service ;c:\windows\system32\msrating32.exe --> c:\windows\system32\msrating32.exe [?]
S2 dmserver32;Logical Disk Manager ;c:\windows\system32\xmlprov32.exe --> c:\windows\system32\xmlprov32.exe [?]
S2 dmserver323232;Logical Disk Manager ;c:\windows\system32\wshcon32.exe --> c:\windows\system32\wshcon32.exe [?]
S2 dmserver32323232;Logical Disk Manager ;c:\windows\system32\dplayx32.exe --> c:\windows\system32\dplayx32.exe [?]
S2 dmserver3232323232;Logical Disk Manager ;c:\windows\system32\lxbxins32.exe --> c:\windows\system32\lxbxins32.exe [?]
S2 dmserver323232323232;Logical Disk Manager ;c:\windows\system32\rsaenh32.exe --> c:\windows\system32\rsaenh32.exe [?]
S2 Dnscache32;DNS Client ;c:\windows\system32\oakley32.exe --> c:\windows\system32\oakley32.exe [?]
S2 Dnscache3232;DNS Client ;c:\windows\system32\dpvoice32.exe --> c:\windows\system32\dpvoice32.exe [?]
S2 Dnscache323232;DNS Client ;c:\windows\system32\msi32.exe --> c:\windows\system32\msi32.exe [?]
S2 Dot3svc32;Wired AutoConfig ;c:\windows\system32\zipfldr32.exe --> c:\windows\system32\zipfldr32.exe [?]
S2 Dot3svc3232;Wired AutoConfig ;c:\windows\system32\jscript32.exe --> c:\windows\system32\jscript32.exe [?]
S2 Dot3svc323232;Wired AutoConfig ;c:\windows\system32\kbdus32.exe --> c:\windows\system32\kbdus32.exe [?]
S2 EapHost32;Extensible Authentication Protocol Service ;c:\windows\system32\slbcsp32.exe --> c:\windows\system32\slbcsp32.exe [?]
S2 Eventlog32;Event Log ;c:\windows\system32\igfxres32.exe --> c:\windows\system32\igfxres32.exe [?]
S2 FastUserSwitchingCompatibility32;Fast User Switching Compatibility ;c:\windows\system32\winsock32.exe --> c:\windows\system32\winsock32.exe [?]
S2 gupdate;Google Update Service (gupdate);c:\program files\Google\Update\GoogleUpdate.exe [8/31/2010 3:06 PM 136176]
S2 gupdate32;Google Update Service (gupdate) ;c:\windows\system32\odexl3232.exe --> c:\windows\system32\odexl3232.exe [?]
S2 gupdate323232;Google Update Service (gupdate) ;c:\windows\system32\msv1_032.exe --> c:\windows\system32\msv1_032.exe [?]
S2 gusvc32;Google Updater Service ;c:\windows\system32\lxbxprox32.exe --> c:\windows\system32\lxbxprox32.exe [?]
S2 gusvc3232;Google Updater Service ;c:\windows\system32\psbase32.exe --> c:\windows\system32\psbase32.exe [?]
S2 HidServ32;HID Input Service ;c:\windows\system32\msrle3232.exe --> c:\windows\system32\msrle3232.exe [?]
S2 HidServ3232;HID Input Service ;c:\windows\system32\mprapi32.exe --> c:\windows\system32\mprapi32.exe [?]
S2 hkmsvc32;Health Key and Certificate Management Service ;c:\windows\system32\shlwapi32.exe --> c:\windows\system32\shlwapi32.exe [?]
S2 hkmsvc3232;Health Key and Certificate Management Service ;c:\windows\system32\nddeapi32.exe --> c:\windows\system32\nddeapi32.exe [?]
S2 IDriverT32;InstallDriver Table Manager ;c:\windows\system32\msswch32.exe --> c:\windows\system32\msswch32.exe [?]
S2 IDriverT3232;InstallDriver Table Manager ;c:\windows\system32\mqutil32.exe --> c:\windows\system32\mqutil32.exe [?]
S2 ImapiService3232;IMAPI CD-Burning COM Service ;c:\windows\system32\seclogon32.exe --> c:\windows\system32\seclogon32.exe [?]
S2 ImapiService323232;IMAPI CD-Burning COM Service ;c:\windows\system32\hid32.exe --> c:\windows\system32\hid32.exe [?]
S2 iPod Service3232;iPod Service ;c:\windows\system32\mapistub32.exe --> c:\windows\system32\mapistub32.exe [?]
S2 LanmanServer32;Server ;c:\windows\system32\hidserv32.exe --> c:\windows\system32\hidserv32.exe [?]
S2 lanmanworkstation32;Workstation ;c:\windows\system32\msxbde4032.exe --> c:\windows\system32\msxbde4032.exe [?]
S2 lanmanworkstation3232;Workstation ;c:\windows\system32\mstime32.exe --> c:\windows\system32\mstime32.exe [?]
S2 lxbx_device32;lxbx_device ;c:\windows\system32\hnetwiz32.exe --> c:\windows\system32\hnetwiz32.exe [?]
S2 MSDTC3232;Distributed Transaction Coordinator ;c:\windows\system32\odbc32gt32.exe --> c:\windows\system32\odbc32gt32.exe [?]
S2 MSDTC323232;Distributed Transaction Coordinator ;c:\windows\system32\ialmdd532.exe --> c:\windows\system32\ialmdd532.exe [?]
S2 MSDTC32323232;Distributed Transaction Coordinator ;c:\windows\system32\mfc4232.exe --> c:\windows\system32\mfc4232.exe [?]
S2 napagent32;Network Access Protection Agent ;c:\windows\system32\riched3232.exe --> c:\windows\system32\riched3232.exe [?]
S2 Netlogon32;Net Logon ;c:\windows\system32\mswstr1032.exe --> c:\windows\system32\mswstr1032.exe [?]
S2 Netlogon3232;Net Logon ;c:\windows\system32\rasctrs32.exe --> c:\windows\system32\rasctrs32.exe [?]
S2 Netlogon323232;Net Logon ;c:\windows\system32\hlink32.exe --> c:\windows\system32\hlink32.exe [?]
S2 Netlogon32323232;Net Logon ;c:\windows\system32\rcbdyctl32.exe --> c:\windows\system32\rcbdyctl32.exe [?]
S2 Nla3232;Network Location Awareness (NLA) ;c:\windows\system32\sqlwid32.exe --> c:\windows\system32\sqlwid32.exe [?]
S2 NtLmSsp32;NT LM Security Support Provider ;c:\windows\system32\ipxsap32.exe --> c:\windows\system32\ipxsap32.exe [?]
S2 NtLmSsp3232;NT LM Security Support Provider ;c:\windows\system32\localspl32.exe --> c:\windows\system32\localspl32.exe [?]
S2 NtLmSsp323232;NT LM Security Support Provider ;c:\windows\system32\tcpmonui32.exe --> c:\windows\system32\tcpmonui32.exe [?]
S2 NtLmSsp32323232;NT LM Security Support Provider ;c:\windows\system32\dsound3d32.exe --> c:\windows\system32\dsound3d32.exe [?]
S2 NtLmSsp3232323232;NT LM Security Support Provider ;c:\windows\system32\ws2help32.exe --> c:\windows\system32\ws2help32.exe [?]
S2 NtLmSsp323232323232;NT LM Security Support Provider ;c:\windows\system32\kernel3232.exe --> c:\windows\system32\kernel3232.exe [?]
S2 ose32;Office Source Engine ;c:\windows\system32\ntprint32.exe --> c:\windows\system32\ntprint32.exe [?]
S2 PlugPlay32;Plug and Play ;c:\windows\system32\mqlogmgr32.exe --> c:\windows\system32\mqlogmgr32.exe [?]
S2 PlugPlay3232;Plug and Play ;c:\windows\system32\mfc4032.exe --> c:\windows\system32\mfc4032.exe [?]
S2 PolicyAgent32;IPSEC Services ;c:\windows\system32\atmfd32.exe --> c:\windows\system32\atmfd32.exe [?]
S2 PolicyAgent3232;IPSEC Services ;c:\windows\system32\neth32.exe --> c:\windows\system32\neth32.exe [?]
S2 PolicyAgent323232;IPSEC Services ;c:\windows\system32\wshext32.exe --> c:\windows\system32\wshext32.exe [?]
S2 ProtectedStorage32;Protected Storage ;c:\windows\system32\ialmuELL32.exe --> c:\windows\system32\ialmuELL32.exe [?]
S2 ProtectedStorage3232;Protected Storage ;c:\windows\system32\msprivs32.exe --> c:\windows\system32\msprivs32.exe [?]
S2 RDSessMgr32;Remote Desktop Help Session Manager ;c:\windows\system32\wiafbdrv32.exe --> c:\windows\system32\wiafbdrv32.exe [?]
S2 RSVP32;QoS RSVP ;c:\windows\system32\danim32.exe --> c:\windows\system32\danim32.exe [?]
S2 SamSs32;Security Accounts Manager ;c:\windows\system32\msvcirt32.exe --> c:\windows\system32\msvcirt32.exe [?]
S2 Schedule32;Task Scheduler ;c:\windows\system32\urlmon32.exe --> c:\windows\system32\urlmon32.exe [?]
S2 seclogon32;Secondary Logon ;c:\windows\system32\comsnap32.exe --> c:\windows\system32\comsnap32.exe [?]
S2 seclogon3232;Secondary Logon ;c:\windows\system32\wavemsp32.exe --> c:\windows\system32\wavemsp32.exe [?]
S2 SENS32;System Event Notification ;c:\windows\system32\NCTQuickTimeFile32.exe --> c:\windows\system32\NCTQuickTimeFile32.exe [?]
S2 ServiceLayer32;ServiceLayer ;c:\windows\system32\oledlg32.exe --> c:\windows\system32\oledlg32.exe [?]
S2 SharedAccess32;Windows Firewall/Internet Connection Sharing (ICS) ;c:\windows\system32\igmpagnt32.exe --> c:\windows\system32\igmpagnt32.exe [?]
S2 ShellHWDetection32;Shell Hardware Detection ;c:\windows\system32\fontext32.exe --> c:\windows\system32\fontext32.exe [?]
S2 ShellHWDetection3232;Shell Hardware Detection ;c:\windows\system32\cliconfg32.exe --> c:\windows\system32\cliconfg32.exe [?]
S2 ShellHWDetection323232;Shell Hardware Detection ;c:\windows\system32\msxmlr32.exe --> c:\windows\system32\msxmlr32.exe [?]
S2 ShellHWDetection32323232;Shell Hardware Detection ;c:\windows\system32\mscpxl3232.exe --> c:\windows\system32\mscpxl3232.exe [?]
S2 Spooler32;Print Spooler ;c:\windows\system32\sclgntfy32.exe --> c:\windows\system32\sclgntfy32.exe [?]
S2 Spooler3232;Print Spooler ;c:\windows\system32\lxbxcub32.exe --> c:\windows\system32\lxbxcub32.exe [?]
S2 Spooler323232;Print Spooler ;c:\windows\system32\cscdll32.exe --> c:\windows\system32\cscdll32.exe [?]
S2 srservice32;System Restore Service ;c:\windows\system32\wifeman32.exe --> c:\windows\system32\wifeman32.exe [?]
S2 srservice3232;System Restore Service ;c:\windows\system32\wups32.exe --> c:\windows\system32\wups32.exe [?]
S2 srservice323232;System Restore Service ;c:\windows\system32\bitsprx432.exe --> c:\windows\system32\bitsprx432.exe [?]
S2 SSDPSRV32;SSDP Discovery Service ;c:\windows\system32\lxbxprox32.exe --> c:\windows\system32\lxbxprox32.exe [?]
S2 stisvc32;Windows Image Acquisition (WIA) ;c:\windows\system32\certmgr32.exe --> c:\windows\system32\certmgr32.exe [?]
S2 stisvc3232;Windows Image Acquisition (WIA) ;c:\windows\system32\ipxmontr32.exe --> c:\windows\system32\ipxmontr32.exe [?]
S2 SwPrv32;MS Software Shadow Copy Provider ;c:\windows\system32\wintrust32.exe --> c:\windows\system32\wintrust32.exe [?]
S2 SwPrv3232;MS Software Shadow Copy Provider ;c:\windows\system32\msimg3232.exe --> c:\windows\system32\msimg3232.exe [?]
S2 SysmonLog32;Performance Logs and Alerts ;c:\windows\system32\stclient32.exe --> c:\windows\system32\stclient32.exe [?]
S2 TapiSrv32;Telephony ;c:\windows\system32\initpki32.exe --> c:\windows\system32\initpki32.exe [?]
S2 TapiSrv3232;Telephony ;c:\windows\system32\aclui32.exe --> c:\windows\system32\aclui32.exe [?]
S2 Themes32;Themes ;c:\windows\system32\qcap32.exe --> c:\windows\system32\qcap32.exe [?]
S2 Themes3232;Themes ;c:\windows\system32\imapi232.exe --> c:\windows\system32\imapi232.exe [?]
S2 Themes323232;Themes ;c:\windows\system32\dfsshlex32.exe --> c:\windows\system32\dfsshlex32.exe [?]
S2 Themes32323232;Themes ;c:\windows\system32\d3dim70032.exe --> c:\windows\system32\d3dim70032.exe [?]
S2 TrkWks32;Distributed Link Tracking Client ;c:\windows\system32\iprtprio32.exe --> c:\windows\system32\iprtprio32.exe [?]
S2 upnphost32;Universal Plug and Play Device Host ;c:\windows\system32\msvidc3232.exe --> c:\windows\system32\msvidc3232.exe [?]
S2 UPS32;Uninterruptible Power Supply ;c:\windows\system32\netapi32.exe --> c:\windows\system32\netapi32.exe [?]
S2 UPS3232;Uninterruptible Power Supply ;c:\windows\system32\wiaservc32.exe --> c:\windows\system32\wiaservc32.exe [?]
S2 VSS32;Volume Shadow Copy ;c:\windows\system32\wtsapi3232.exe --> c:\windows\system32\wtsapi3232.exe [?]
S2 VSS3232;Volume Shadow Copy ;c:\windows\system32\wmasf32.exe --> c:\windows\system32\wmasf32.exe [?]
S2 VSS323232;Volume Shadow Copy ;c:\windows\system32\framedyn32.exe --> c:\windows\system32\framedyn32.exe [?]
S2 W32Time32;Windows Time ;c:\windows\system32\msacm32.exe --> c:\windows\system32\msacm32.exe [?]
S2 WebClient3232;WebClient ;c:\windows\system32\skdll32.exe --> c:\windows\system32\skdll32.exe [?]
S2 winmgmt3232;Windows Management Instrumentation ;c:\windows\system32\msdtclog32.exe --> c:\windows\system32\msdtclog32.exe [?]
S2 WmdmPmSN32;Portable Media Serial Number Service ;c:\windows\system32\glu3232.exe --> c:\windows\system32\glu3232.exe [?]
S2 Wmi3232;Windows Management Instrumentation Driver Extensions ;c:\windows\system32\ipsecsvc32.exe --> c:\windows\system32\ipsecsvc32.exe [?]
S2 Wmi323232;Windows Management Instrumentation Driver Extensions ;c:\windows\system32\devenum32.exe --> c:\windows\system32\devenum32.exe [?]
S2 wuauserv32;Automatic Updates ;c:\windows\system32\mcdsrv3232.exe --> c:\windows\system32\mcdsrv3232.exe [?]
S2 wuauserv3232;Automatic Updates ;c:\windows\system32\adsldp32.exe --> c:\windows\system32\adsldp32.exe [?]
S2 wuauserv323232;Automatic Updates ;c:\windows\system32\dpwsock32.exe --> c:\windows\system32\dpwsock32.exe [?]
S2 wuauserv32323232;Automatic Updates ;c:\windows\system32\dmusic32.exe --> c:\windows\system32\dmusic32.exe [?]
S2 WZCSVC32;Wireless Zero Configuration ;c:\windows\system32\sysinv32.exe --> c:\windows\system32\sysinv32.exe [?]
S2 WZCSVC3232;Wireless Zero Configuration ;c:\windows\system32\fontsub32.exe --> c:\windows\system32\fontsub32.exe [?]
S2 xmlprov32;Network Provisioning Service ;c:\windows\system32\cdm32.exe --> c:\windows\system32\cdm32.exe [?]
S2 xmlprov3232;Network Provisioning Service ;c:\windows\system32\inseng32.exe --> c:\windows\system32\inseng32.exe [?]
S3 cmusbnet;WAN Driver @ 3GPP (6280);c:\windows\system32\drivers\cmusbnet.sys [6/23/2007 2:54 AM 87424]
S3 cmusbser;%CMUSBSER%;c:\windows\system32\drivers\cmusbser.sys [12/14/2006 10:31 AM 87040]

--- Other Services/Drivers In Memory ---

*NewlyCreated* - HELPSVC
.
Contents of the 'Scheduled Tasks' folder

2011-01-07 c:\windows\Tasks\AppleSoftwareUpdate.job
- c:\program files\Apple Software Update\SoftwareUpdate.exe [2009-10-22 01:50]

2011-01-08 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files\Google\Update\GoogleUpdate.exe [2010-08-31 04:06]

2011-01-08 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files\Google\Update\GoogleUpdate.exe [2010-08-31 04:06]
.
.
------- Supplementary Scan -------
.
uStart Page = hxxp://search.bearshare.com/
uDefault_Search_URL = hxxp://www.google.com/ie
uInternet Settings,ProxyOverride = *.local
uSearchAssistant = hxxp://www.google.com/ie
uSearchURL,(Default) = hxxp://www.google.com/search?q=%s
IE: Add to Google Photos Screensa&ver - c:\windows\system32\GPhotos.scr/200
IE: E&xport to Microsoft Excel - c:\progra~1\MICROS~3\Office12\EXCEL.EXE/3000
FF - ProfilePath - c:\documents and settings\Administrator\Application Data\Mozilla\Firefox\Profiles\9td2853z.default\
FF - prefs.js: browser.search.selectedEngine - Google
FF - prefs.js: browser.startup.homepage - hxxp://www.google.com.au/
FF - prefs.js: keyword.URL - hxxp://search.bearshare.com/web?src=ffb&q=
FF - Ext: Default: {972ce4c6-7e08-4474-a285-3208198ce6fd} - c:\program files\Mozilla Firefox\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
FF - Ext: Java Console: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA} - c:\program files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}
FF - Ext: Java Console: {CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA} - c:\program files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}
FF - Ext: ReloadEvery: {888d99e7-e8b5-46a3-851e-1ec45da1e644} - %profile%\extensions\{888d99e7-e8b5-46a3-851e-1ec45da1e644}
FF - Ext: MediaBar: {E84D42CA-64EB-11DE-A65F-8C3656D89593} - %profile%\extensions\{E84D42CA-64EB-11DE-A65F-8C3656D89593}
FF - Ext: Java Quick Starter: jqs@sun.com - c:\program files\Java\jre6\lib\deploy\jqs\ff
.
- - - - ORPHANS REMOVED - - - -

HKLM-Run-Cmaudio - cmicnfg.cpl
HKLM-Run-dmbandwow.exe - c:\windows\dmbandwow.exe
HKU-Default-Run-Nokia.PCSync - c:\program files\Nokia\Nokia PC Suite 6\PcSync2.exe
AddRemove-C-Media Audio - c:\windows\CMIUnInstall.exe



**************************************************************************

catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2011-01-08 13:44
Windows 5.1.2600 Service Pack 3 NTFS

scanning hidden processes ...

scanning hidden autostart entries ...

HKLM\Software\Microsoft\Windows\CurrentVersion\Run
LXBXCATS = rundll32 c:\windows\System32\spool\DRIVERS\W32X86\3\LXBXtime.dll,_RunDLLEntry@16???????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????

scanning hidden files ...

scan completed successfully
hidden files: 0

**************************************************************************
.
--------------------- DLLs Loaded Under Running Processes ---------------------

- - - - - - - > 'explorer.exe'(120)
c:\docume~1\ADMINI~1\LOCALS~1\Temp\IadHide5.dll
c:\windows\system32\ieframe.dll
c:\windows\system32\webcheck.dll
c:\windows\system32\OneX.DLL
c:\windows\system32\eappprxy.dll
.
------------------------ Other Running Processes ------------------------
.
c:\program files\Alwil Software\Avast4\aswUpdSv.exe
c:\program files\Alwil Software\Avast4\ashServ.exe
c:\program files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
c:\program files\Bonjour\mDNSResponder.exe
c:\program files\Java\jre6\bin\jqs.exe
c:\windows\system32\RunDll32.exe
c:\program files\Alwil Software\Avast4\ashMaiSv.exe
c:\program files\Alwil Software\Avast4\ashWebSv.exe
c:\windows\system32\lxbxcoms.exe
c:\program files\iPod\bin\iPodService.exe
.
**************************************************************************
.
Completion time: 2011-01-08 13:51:55 - machine was rebooted
ComboFix-quarantined-files.txt 2011-01-08 02:51

Pre-Run: 71,763,189,760 bytes free
Post-Run: 72,445,775,872 bytes free

WindowsXP-KB310994-SP2-Pro-BootDisk-ENU.exe
[boot loader]
timeout=2
default=multi(0)disk(0)rdisk(0)partition(1)\WINDOWS
[operating systems]
c:\cmdcons\BOOTSECT.DAT="Microsoft Windows Recovery Console" /cmdcons
UnsupportedDebug="do not select this" /debug
multi(0)disk(0)rdisk(0)partition(1)\WINDOWS="Microsoft Windows XP Professional" /fastdetect /noexecute=optin

- - End Of File - - E1A9251ED3F7FC68EB74080C5EC273DD

Re: Dont know what i have picked up, but need help its driving me batty
The bleeping computers forum said my Avast should be orange with a v5; mine's blue, spins, and only has the a in it. Do you guys know why?
